Tag: vulnerability

Something  exciting happened a few days ago. It started with a tweet and a blog post, and has evolved into an official CVE-2022-21500. I thought it would be good to publish some details beyond the official MOS note document.  …

For many of us, the recent log4j vulnerability (CVE-2021-44228) became a severe headache this past weekend. I thought we’d publish a summary of some of our findings gathered so far. We’ll  keep it updated with news and details published by…

On September 1, 2020, Apache disclosed a security vulnerability for Apache Cassandra. Summary: It’s possible for a local attacker without access to the Apache Cassandra process or configuration files, to manipulate the RMI registry to perform a man-in-the-middle attack and…