| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-43667 | Apache InLong: Log Injection in Global functions | Apache Software Foundation | Apache InLong | 高危 | - | 2023-10-16 08:08:02 | Deep Dive |
| CVE-2023-43668 | Apache InLong: Jdbc Connection Security Bypass in InLong | Apache Software Foundation | Apache InLong | 超危 | - | 2023-10-16 08:07:43 | Deep Dive |
| CVE-2023-45757 | Apache bRPC: The builtin service rpcz page has an XSS attack vulnerability | Apache Software Foundation | Apache bRPC | 中危 | - | 2023-10-16 08:01:41 | Deep Dive |
| CVE-2023-42663 | Apache Airflow: Bypass permission verification to view task instances of other dags | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-10-14 09:47:26 | Deep Dive |
| CVE-2023-42792 | Apache Airflow: Improper access control to DAG resources | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-10-14 09:47:08 | Deep Dive |
| CVE-2023-45348 | Apache Airflow: Configuration information leakage vulnerability | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-10-14 09:46:45 | Deep Dive |
| CVE-2023-42780 | Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-10-14 09:46:10 | Deep Dive |
| CVE-2023-44981 | Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication | Apache Software Foundation | Apache ZooKeeper | 超危 | - | 2023-10-11 11:55:48 | Deep Dive |
| CVE-2023-45648 | Apache Tomcat: Trailer header parsing too lenient | Apache Software Foundation | Apache Tomcat | 中危 | - | 2023-10-10 18:38:34 | Deep Dive |
| CVE-2023-42795 | Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests | Apache Software Foundation | Apache Tomcat | 中危 | - | 2023-10-10 17:42:17 | Deep Dive |
| CVE-2023-42794 | Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows | Apache Software Foundation | Apache Tomcat | 高危 | - | 2023-10-10 17:17:01 | Deep Dive |
| CVE-2023-39410 | Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK | Apache Software Foundation | Apache Avro Java SDK | 高危 | - | 2023-09-29 16:23:34 | Deep Dive |
| CVE-2022-4245 | Codehaus-plexus: xml external entity (xxe) injection | Red Hat | RHINT Camel-K-1.10.1 | Medium | 4.3 | 2023-09-25 19:20:57 | Deep Dive |
| CVE-2022-4244 | Codehaus-plexus: directory traversal | Red Hat | RHINT Camel-K-1.10.1 | High | 7.5 | 2023-09-25 19:20:05 | Deep Dive |
| CVE-2023-41834 | Apache Flink Stateful Functions allowed HTTP header injection due to Improper Neutralization of CRLF Sequences | Apache Software Foundation | Apache Flink Stateful Functions | 中危 | - | 2023-09-19 12:34:17 | Deep Dive |
| CVE-2023-41267 | Apache HDFS Provider error message suggested installation of incorrect pip package | Apache Software Foundation | Apache Airflow HDFS Provider | 高危 | - | 2023-09-14 07:46:42 | Deep Dive |
| CVE-2023-42503 | Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file | Apache Software Foundation | Apache Commons Compress | 中危 | - | 2023-09-14 07:45:15 | Deep Dive |
| CVE-2023-41081 | Apache Tomcat Connectors: Unexpected use of first declared worker in mod_jk for unmapped request | Apache Software Foundation | Apache Tomcat Connectors | 高危 | - | 2023-09-13 09:30:06 | Deep Dive |
| CVE-2023-40712 | Apache Airflow: Secrets can be unmasked in the "Rendered Template" | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-09-12 11:05:49 | Deep Dive |
| CVE-2023-40611 | Apache Airflow Dag Runs Broken Access Control Vulnerability | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-09-12 11:05:23 | Deep Dive |