3 matches found
Security Bulletin: IBM Event Processing is vulnerable to a CRLF injection vulnerability in Netty (CVE-2025-67735)
Summary IBM Event Processing is vulnerable to a CRLF injection vulnerability in Netty io.netty.handler.codec.http.HttpRequestEncoder. An attacker could exploit this vulnerability to perform HTTP request smuggling against affected Event Processing services that use the vulnerable Netty component...
CVE-2024-45033 Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview org.jenkins-ci.plugins:fortify-cloudscan-jenkins-plugin allows an organization to host their own internal cloud-based infrastructure of Static Code Analyzer SCA machines that are distributed jobs by a centralized controller and optionally integrated with Software Security Center SSC...