CVE-2022-31520 The Luxas98/logstash-management-api repository through 2020-05-04 uses unsafe Flask send_file function.
This function reads the entire file into memory, so an attacker can use it to inject malicious code into the application. The attacker needs only
CVE-2022-33980 The Apache Commons Configuration module performs variable interpolation, expanding properties.
or a later version. Apache Commons Configuration supports interpolation of various data types, such as date and number formats. The format for interpolation of date
CVE-2021-46687 The Artifactory Project Administrator REST API is vulnerable to Sensitive Data Exposure.
The REST API for the Project Administrator interface in JFrog Artifactory allows unauthenticated access, resulting in potential information leaks. An attacker can craft a URL
CVE-2021-45721 Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to XSS through the Users REST API endpoint.
The XHR parameter is a special string that can be used to pass dynamic data to the request. When using XHR parameters, the request is
CVE-2022-30290 An access control vulnerability has been found in OpenCTI through 5.2.4.
The vulnerability has been fixed in version 5.2.5. If you are using any version prior to 5.2.5, it’s recommended to
Episode
00:00:00
00:00:00