CVE-2022-21724 - Critical Code Execution Vulnerability in pgjdbc (PostgreSQL JDBC Driver)
In late 2021, researchers discovered a dangerous security hole in pgjdbc—the official JDBC (Java Database Connectivity) driver used for connecting Java applications to PostgreSQL
CVE-2022-24198 - How a Tricky PDF Can Crash Apps Using iText v7.1.17 (ARCFOUR Encryption Vulnerability Explainer)
iText is one of the most widely used open-source libraries for working with PDF files in Java. From automated document generation to editing, it'
CVE-2022-24196 - Out-of-Memory DoS in iText v7.1.17’s readStreamBytesRaw – How One Malformed PDF Can Crash Your Service
When it comes to handling PDF files in Java, iText is a common library many developers trust. But in February 2022, security researchers discovered a
CVE-2022-23181 - How a Critical Shapeshift in Tomcat’s Fix Opened a Serious Window for Local Attackers
When it comes to Apache Tomcat, the world’s most popular Java application server, security bugs can have far-reaching effects. CVE-2022-23181 is one such bug—
CVE-2022-23437 - How an Infinite Loop Flaw in Apache Xerces Java XML Parser Can Hurt Your App
When it comes to building and operating secure applications, especially those handling lots of XML data, even simple-looking flaws can be surprisingly dangerous. One such