CVE-2022-23437 - How an Infinite Loop Flaw in Apache Xerces Java XML Parser Can Hurt Your App
When it comes to building and operating secure applications, especially those handling lots of XML data, even simple-looking flaws can be surprisingly dangerous. One such
CVE-2022-22310 - How a Sneaky Flaw in IBM WebSphere Liberty Could Expose Your Sensitive Data
In late 2021, IBM found a troubling weakness in its WebSphere Application Server Liberty—the lightweight Java app server used by thousands of companies to
CVE-2022-23221 - How Attackers Can Execute Code Remotely on H2 Database Console before 2.1.210
The H2 Database is a popular in-memory database that’s widely used for testing and development in many Java-based applications. Unfortunately, some versions of H2’
CVE-2022-21353 - Understanding The WebLogic T3 Vulnerability — Overview, Exploit, and Protection
Oracle WebLogic Server is a core component in many enterprise Java applications, making it a frequent target for attackers. A notable vulnerability — CVE-2022-21353 — was disclosed
CVE-2022-21305 - Unauthorized Data Modification in Oracle Java SE & GraalVM via Hotspot
In late 2021, Oracle disclosed CVE-2022-21305, a security vulnerability affecting several popular versions of Oracle Java SE and Oracle GraalVM Enterprise Edition. The vulnerability targets