CVE-2022-24847 GeoServer is an open source software server that allows users to share and edit geospatial data.
GeoServer is vulnerable to an attack that allows an attacker to execute malicious Java code by simply setting up a data source. This is because
CVE-2022-24818 - Critical JNDI Vulnerability in GeoTools Library—Explained
GeoTools is a widely used open source Java library for handling geospatial (map/geography) data. By providing an extensive toolkit for reading, manipulating, and writing geospatial
CVE-2022-22958 - Remote Code Execution in VMware Workspace ONE Access—How Attackers Exploit Deserialization in JDBC URIs
Earlier this year, VMware announced two dangerous vulnerabilities (CVE-2022-22957 & CVE-2022-22958) in some of their most widely used products: Workspace ONE Access, Identity Manager, and
CVE-2022-24839 - How a Java HTML Parser in Nokogiri Could Crash Your App with OutOfMemoryError
org.cyberneko.html is a widely used HTML parser written in Java. Many Java-based tools and some Ruby projects use variants or forks of this
CVE-2022-26612 UnTar uses unTarUsingJava or the built-in tar on Windows to create a symlink under the expected extraction directory which points to an external directory.
unTar now validates the target directory path when unpackEntry creates a TAR entry and unpackEntry now validates the target directory path when unpackEntry creates a