| CVE-2024-22393 | Apache Answer: Pixel Flood Attack by uploading the large pixel file | Apache Software Foundation | Apache Answer | Medium | - | 2024-02-22 09:51:43 | Deep Dive |
| CVE-2024-23349 | Apache Answer: XSS vulnerability when submitting summary | Apache Software Foundation | Apache Answer | Medium | - | 2024-02-22 09:48:21 | Deep Dive |
| CVE-2024-26578 | Apache Answer: Repeated submission at registration created duplicate users with the same name | Apache Software Foundation | Apache Answer | Medium | - | 2024-02-22 09:28:15 | Deep Dive |
| CVE-2024-25141 | Apache Airflow Mongo Provider: Certificate validation isn't respected even if SSL is enabled for apache-airflow-providers-mongo | Apache Software Foundation | Apache Airflow Mongo Provider | - | - | 2024-02-20 20:30:29 | Deep Dive |
| CVE-2024-23114 | Apache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository | Apache Software Foundation | Apache Camel | High | - | 2024-02-20 14:59:38 | Deep Dive |
| CVE-2024-22369 | Apache Camel: Camel-SQL: Unsafe Deserialization from JDBCAggregationRepository | Apache Software Foundation | Apache Camel | High | - | 2024-02-20 14:58:36 | Deep Dive |
| CVE-2023-51770 | Apache DolphinScheduler: Arbitrary File Read Vulnerability | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:02:13 | Deep Dive |
| CVE-2023-50270 | Apache DolphinScheduler: Session do not expire after password change | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:01:32 | Deep Dive |
| CVE-2023-49250 | Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:00:07 | Deep Dive |
| CVE-2023-49109 | Remote Code Execution in Apache Dolphinscheduler | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 09:58:57 | Deep Dive |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 | Deep Dive |
| CVE-2024-25710 | Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file | Apache Software Foundation | Apache Commons Compress | High | 8.1 | 2024-02-19 08:33:41 | Deep Dive |
| CVE-2024-26308 | Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file | Apache Software Foundation | Apache Commons Compress | Medium | - | 2024-02-19 08:31:50 | Deep Dive |
| CVE-2024-23952 | Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104) | Apache Software Foundation | Apache Superset | Medium | 6.5 | 2024-02-14 11:09:47 | Deep Dive |
| CVE-2023-50291 | Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords | Apache Software Foundation | Apache Solr | High | - | 2024-02-09 17:29:33 | Deep Dive |
| CVE-2023-50292 | Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users | Apache Software Foundation | Apache Solr | High | - | 2024-02-09 17:29:21 | Deep Dive |
| CVE-2023-50298 | Apache Solr: Solr can expose ZooKeeper credentials via Streaming Expressions | Apache Software Foundation | Apache Solr | High | - | 2024-02-09 17:29:08 | Deep Dive |
| CVE-2023-50386 | Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets | Apache Software Foundation | Apache Solr | High | - | 2024-02-09 17:28:51 | Deep Dive |
| CVE-2024-23452 | Apache bRPC: HTTP request smuggling vulnerability | Apache Software Foundation | Apache bRPC | High | - | 2024-02-08 09:00:05 | Deep Dive |
| CVE-2023-39196 | Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints | Apache Software Foundation | Apache Ozone | Medium | 5.3 | 2024-02-07 12:56:30 | Deep Dive |