CVE-2023-40167 - Jetty HTTP/1 Header Parsing Vulnerability Explained
Jetty is a popular Java-based web server and servlet engine used in millions of applications, both for development and production purposes. In 2023, a subtle
CVE-2023-36479 - How Jetty's CGI Servlet Bug Lets Hackers Run Rogue Commands
Published: April 2024
What is CVE-2023-36479?
CVE-2023-36479 is a serious security flaw discovered in Eclipse Jetty, a widely used open-source Java web server and servlet
CVE-2023-1108 - Denial-of-Service in Undertow via SSL Handshake Infinite Loop
A newly discovered vulnerability, CVE-2023-1108, affects the Undertow web server. This server is widely used behind application servers like WildFly and JBoss. This flaw can
CVE-2023-4785 - Exploiting Error Handling Flaws in Google's gRPC TCP Server for Large-Scale Denial of Service (DoS) Attacks
In 2023, a vulnerability identified as CVE-2023-4785 was disclosed in Google’s gRPC library. If you’re using gRPC C++, Python, or Ruby on a
CVE-2023-35674 - How a Logic Bug in Android’s WindowState.java Can Let Apps Bypass Foreground Restrictions
Android’s sandboxing and activity management is one of the pillars that keeps your phone secure — stopping malware from running in the background or behind