CVE-2023-34040 - Deserialization Attack Risk in Spring for Apache Kafka—What You Need To Know
In the world of data streaming, Apache Kafka is a powerful tool, while Spring for Apache Kafka makes it much easier to build Java apps
CVE-2022-44729 - Server-Side Request Forgery (SSRF) Vulnerability in Apache XML Graphics Batik (Versions 1.16 and Below)
Recently, a critical vulnerability (CVE-2022-44729) came to light in the Apache XML Graphics Batik library. This security issue can be exploited to perform
CVE-2022-40433 - Denial of Service in HotSpot JVM’s ciMethodBlocks::make_block_at Function — Exploit Details and Simple Breakdown
Java is everywhere, running millions of apps and systems. The Java Virtual Machine (JVM) is what makes Java code run, and Oracle’s HotSpot is
CVE-2022-46751 - Understanding and Exploiting XML External Entity (XXE) & XML Injection in Apache Ivy
CVE-2022-46751 is a critical vulnerability affecting all versions of Apache Ivy prior to 2.5.2. The flaw resides in how Ivy handles
CVE-2023-40343 - How Jenkins Tuleap Authentication Plugin Leaks Tokens via Timing Attacks
## Introduction
Jenkins is one of the world’s most famous automation servers. It relies heavily on plugins to deliver its powers, and authentication plugins are
Episode
00:00:00
00:00:00