| CVE-2023-27604 | Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability | Apache Software Foundation | Apache Airflow Sqoop Provider | High | - | 2023-08-28 07:47:30 | Deep Dive |
| CVE-2023-41080 | Apache Tomcat: Open redirect with FORM authentication | Apache Software Foundation | Apache Tomcat | Medium | - | 2023-08-25 20:39:37 | Deep Dive |
| CVE-2023-34040 | Java Deserialization vulnerability in Spring-Kafka When Improperly Configured | Spring | Spring For Apache Kafka | Medium | 5.3 | 2023-08-24 12:59:21 | Deep Dive |
| CVE-2023-39441 | Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation | Apache Software Foundation | Apache Airflow SMTP Provider | Medium | - | 2023-08-23 15:39:52 | Deep Dive |
| CVE-2023-37379 | Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature | Apache Software Foundation | Apache Airflow | High | - | 2023-08-23 15:38:56 | Deep Dive |
| CVE-2023-40273 | Session fixation in Apache Airflow web interface | Apache Software Foundation | Apache Airflow | High | - | 2023-08-23 15:37:49 | Deep Dive |
| CVE-2022-44729 | Apache XML Graphics Batik: Information disclosure vulnerability | Apache Software Foundation | Apache XML Graphics Batik | High | - | 2023-08-22 14:12:50 | Deep Dive |
| CVE-2022-44730 | Apache XML Graphics Batik: Information disclosure vulnerability | Apache Software Foundation | Apache XML Graphics Batik | Medium | - | 2023-08-22 13:57:00 | Deep Dive |
| CVE-2022-46751 | Apache Ivy: XML External Entity vulnerability in Apache Ivy | Apache Software Foundation | Apache Ivy | High | - | 2023-08-21 06:55:00 | Deep Dive |
| CVE-2023-40037 | Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs | Apache Software Foundation | Apache NiFi | Medium | - | 2023-08-18 21:54:52 | Deep Dive |
| CVE-2023-40272 | Apache Airflow Spark Provider Arbitrary File Read via JDBC | Apache Software Foundation | Apache Airflow Spark Provider | High | - | 2023-08-17 13:52:31 | Deep Dive |
| CVE-2023-39553 | Apache Airflow Drill Provider Arbitrary File Read Vulnerability | Apache Software Foundation | Apache Airflow Drill Provider | High | - | 2023-08-11 07:18:14 | Deep Dive |
| CVE-2023-33934 | Apache Traffic Server: Differential fuzzing for HTTP request parsing discrepancies | Apache Software Foundation | Apache Traffic Server | Critical | - | 2023-08-09 06:58:07 | Deep Dive |
| CVE-2022-47185 | Apache Traffic Server: Invalid Range header causes a crash | Apache Software Foundation | Apache Traffic Server | High | - | 2023-08-09 06:57:40 | Deep Dive |
| CVE-2023-37581 | Apache Roller: Roller's weblog category, weblog settings and file-upload features did not properly sanitize input, which could be exploited to perform Reflected Cross Site Scripting (XSS) even on a Roller site configured for untrusted users. | Apache Software Foundation | Apache Roller | Medium | - | 2023-08-06 07:21:04 | Deep Dive |
| CVE-2023-39508 | Apache Airflow: Airflow "Run task" feature allows execution with unnecessary privileges | Apache Software Foundation | Apache Airflow | High | - | 2023-08-05 06:47:15 | Deep Dive |
| CVE-2023-36542 | Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources | Apache Software Foundation | Apache NiFi | High | - | 2023-07-29 07:12:18 | Deep Dive |
| CVE-2023-38647 | Apache Helix: Deserialization vulnerability in Helix workflow and REST | Apache Software Foundation | Apache Helix | Critical | - | 2023-07-26 07:52:30 | Deep Dive |
| CVE-2023-38435 | Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin | Apache Software Foundation | Apache Felix Healthcheck Webconsole Plugin | Medium | - | 2023-07-25 15:40:05 | Deep Dive |
| CVE-2023-37895 | Apache Jackrabbit RMI access can lead to RCE | Apache Software Foundation | Apache Jackrabbit Webapp (jackrabbit-webapp) | Critical | - | 2023-07-25 14:02:10 | Deep Dive |