CVE-2024-1233 - Critical SSRF in JBoss EAP JwtValidator - How Hackers Can Exploit Vulnerable `resolvePublicKey` Logic
In early 2024, security researchers disclosed a serious Server-Side Request Forgery (SSRF) vulnerability in Red Hat’s JBoss Enterprise Application Platform (EAP). Tracked as
CVE-2024-2700: Quarkus-Core Component Vulnerability - Local Environment Variables Capture and Risky Build-Time Inheritance
A vulnerability (CVE-2024-2700) was recently discovered in the quarkus-core component of Quarkus, a popular Java-based microservices development framework. This vulnerability is
CVE-2024-1300: Memory Leak Vulnerability in Eclipse Vert.x TCP Servers with TLS and SNI Support
A critical vulnerability, dubbed CVE-2024-1300, has been discovered in the Eclipse Vert.x toolkit, leading to potential memory leaks in TCP servers configured
CVE-2024-22353 - IBM WebSphere Liberty DoS Vulnerability Explained (w/ Exploit Example)
TL;DR: If you’re running IBM WebSphere Application Server Liberty (version 17...3 up to 24...4), you might be at risk for a
CVE-2024-1023 - Memory Leak in Eclipse Vert.x via Netty FastThreadLocal Abuse — Exploit Analysis & Practical Guide
A recently-disclosed vulnerability, CVE-2024-1023, affects the popular Java toolkit Eclipse Vert.x. It revolves around the improper use of Netty's
Episode
00:00:00
00:00:00