EUVD-2022-5140

Malicious code in bioql PyPI...

CVE-2019-0202

The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints...

Security Bulletin: A security vulnerability has been identified in Apache Storm, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2019-0202)

Summary Apache Storm is shipped with IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting Apache Storm has been published here. Vulnerability Details CVE-ID: CVE-2019-0202 Description: Apache Storm could allow a remote attacker to obtain sensitiv...

Code injection

The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints...