Apache

Security VulnerabilitiesNews

Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability [CVE-2021-45105]

Duncan 2592 Views 0 Comments 0 min read

Please note that this vulnerability is not the main well known Log4j one, for further information on CVE-2021-44228 please click

Read More
Security VulnerabilitiesNews

Critical Apache Log4j remote code execution vulnerability [CVE-2021-44228]

Duncan 4661 Views 0 Comments 4 min read

A critical remote code execution vulnerability in Apache Foundation Log4j library has been discovered. This vulnerability has been dubbed Log4Shell.

Read More
Security VulnerabilitiesNews

Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773)

Duncan 2069 Views 0 Comments 0 min read

CVE number = CVE-2021-41773 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49.

Read More
Security VulnerabilitiesNews

Path Traversal and Remote Code Execution in Apache HTTP Server (incomplete fix of CVE-2021-41773) (CVE-2021-42013)

Duncan 2388 Views 0 Comments 0 min read

It was discovered that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a

Read More
Security VulnerabilitiesNews

Apache Tomcat – Denial of service vulnerability [CVE-2021-42340]

Duncan 2720 Views 0 Comments 0 min read

CVE number – CVE-2021-42340 The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions

Read More
Security VulnerabilitiesNews

Apache Releases Security Update for Apache HTTP Server 2.4 [CVE-2021-41773]

Duncan 2323 Views 0 Comments 0 min read

CVE number – CVE-2021-41773 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49.

Read More
Security VulnerabilitiesNews

Apache OpenOffice remote code execution flaw [CVE-2021-33035]

Duncan 2933 Views 0 Comments 0 min read

CVE number = CVE-2021-33035 Security researcher Eugene Lim (@spaceraccoonsec) has revealed technical details about a remote code execution flaw in

Read More
Security VulnerabilitiesNews

Apache NuttX vulnerable to integer wrap-arounds [CVE-2021-26461]

Duncan 3343 Views 0 Comments 0 min read

CVE number = CVE-2021-26461 Apache Nuttx (incubating) versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc

Read More
Security VulnerabilitiesNews

Apache SpamAssassin malicious rule configuration [CVE-2020-1946]

Duncan 5356 Views 0 Comments 0 min read

CVE number – CVE-2020-1946 Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue of security note where malicious

Read More
Security VulnerabilitiesNews

Apache Commons Beanutils PropertyUtilsBean Class Property Suppression Vulnerability [CVE-2019-10086]

Jason Davies 5115 Views 0 Comments 1 min read

CVE number – CVE-2019-10086 A vulnerability in Apache Commons Beanutils could allow an unauthenticated, remote attacker to perform unauthorized actions

Read More