CVE-2024-12698 - The Incomplete OLM Catalogd Fix—Authenticated gRPC Streams Left Exposed to the Rapid Reset Attack
In February 2024, a critical security oversight was revealed involving Red Hat’s ose-olm-catalogd-container—a core part of the Operator Lifecycle Manager in OpenShift. Many
CVE-2024-5469 - Denial of Service in GitLab KAS via Crafted gRPC Requests - Exploit Details and Analysis
In early June 2024, a significant vulnerability was identified in GitLab CE/EE affecting the Kubernetes Agent Server (KAS). Tracked as CVE-2024-5469, this weakness allows
CVE-2024-35223 - Dapr gRPC Proxy Leaks App Tokens — Deep Dive, Exploit Details, and How to Stay Safe
Dapr is quite popular among cloud-native engineers. It provides a portable, event-driven runtime for building distributed applications across cloud and edge, making microservices easier to
CVE-2024-29025 - Netty’s HttpPostRequestDecoder Vulnerability Explained and Exploited
Netty is a powerful Java networking library used to build high-performance network servers and clients. You’ll find Netty powering a huge number of projects
CVE-2024-20919 - Java HotSpot Integrity Flaw in Oracle Java SE & GraalVM (Explained with PoC and Exploit Guidance)
Oracle Java SE is one of the most widely used platforms for running critical business applications. With the rise of cloud-native and microservices architectures, Java