CVE-2022-41131 - OS Command Injection in Apache Airflow Hive Provider Explained
On October 17, 2022, a new vulnerability was disclosed in the Apache Airflow Hive Provider: CVE-2022-41131. This security issue is caused by *Improper Neutralization of
CVE-2022-38649 - OS Command Injection Vulnerability in Apache Airflow Pinot Provider – Explained
In August 2022, a critical security issue was discovered in the Apache Airflow Pinot Provider. Labeled CVE-2022-38649, this vulnerability exposes Apache Airflow users to OS
CVE-2022-41936 The `modifications` API does not filter entries by user rights.
XWiki sites using the `modifications` REST endpoints do not filter entries based on the user's rights. This means that information such as comments,
CVE-2022-43708 Attachments interface has XSS vulnerabilities that allow attackers to inject HTML.
When the user uploads a file, it will be converted to HTML and posted on the site. In addition, there is no input validation on
CVE-2022-37332 - Exploiting a Use-After-Free in Foxit PDF Reader’s JavaScript Engine
In June 2022, security researchers discovered a critical vulnerability—CVE-2022-37332—that affects Foxit Software’s PDF Reader, specifically version 12..1.12430. This flaw lies