CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-40743 - Dangerous Service Lookups in Apache Axis 1.x Can Lead to RCE, SSRF, and DOS
In August 2023, a high-impact vulnerability was disclosed affecting applications based on Apache Axis 1.x, a Java-based SOAP engine. Identified as CVE-2023-40743, this flaw
CVE-2023-40826 - Exploiting the pf4j `zipPluginPath` Vulnerability for Remote Code Execution
*CVE-2023-40826* shines a spotlight on a dangerous security weakness found in the pf4j plugin system, specifically versions up to 3.9.. With this vulnerability, attackers
CVE-2023-40827 - Remote Code Execution & Information Leak in PF4J via `loadpluginPath` Parameter
In August 2023, a serious security vulnerability was discovered in PF4J (v.3.9. and prior), a popular Java plugin framework. Identified as CVE-2023-40827, this
CVE-2023-34040 - Deserialization Attack Risk in Spring for Apache Kafka—What You Need To Know
In the world of data streaming, Apache Kafka is a powerful tool, while Spring for Apache Kafka makes it much easier to build Java apps