Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-33933

Summary
Assigner-apache
Assigner Org ID-f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At-14 Jun, 2023 | 07:44
Updated At-13 Feb, 2025 | 16:55
Rejected At-
Credits

Apache Traffic Server: s3_auth plugin problem with hash calculation

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apache
Assigner Org ID:f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At:14 Jun, 2023 | 07:44
Updated At:13 Feb, 2025 | 16:55
Rejected At:
▼CVE Numbering Authority (CNA)
Apache Traffic Server: s3_auth plugin problem with hash calculation

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions

Affected Products
Vendor
The Apache Software FoundationApache Software Foundation
Product
Apache Traffic Server
Default Status
unaffected
Versions
Affected
  • From 8.0.0 through 9.2.0 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-200CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Type: CWE
CWE ID: CWE-200
Description: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Textual description of severity
text:
low
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
Masakazu Kitajo
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
vendor-advisory
https://www.debian.org/security/2023/dsa-5435
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
N/A
https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
N/A
Hyperlink: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
Resource:
vendor-advisory
Hyperlink: https://www.debian.org/security/2023/dsa-5435
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
vendor-advisory
x_transferred
https://www.debian.org/security/2023/dsa-5435
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
x_transferred
https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
x_transferred
Hyperlink: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
Resource:
vendor-advisory
x_transferred
Hyperlink: https://www.debian.org/security/2023/dsa-5435
Resource:
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
Resource:
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
The Apache Software Foundationapache
Product
traffic_server
CPEs
  • cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 8.0.0 through 8.1.6 (custom)
  • From 9.0.0 through 9.2.0 (custom)
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@apache.org
Published At:14 Jun, 2023 | 08:15
Updated At:13 Feb, 2025 | 17:16

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches

The Apache Software Foundation
apache
>>traffic_server>>Versions from 8.0.0(inclusive) to 8.1.7(exclusive)
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>traffic_server>>Versions from 9.0.0(inclusive) to 9.2.1(exclusive)
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Secondarysecurity@apache.org
NVD-CWE-noinfoSecondarynvd@nist.gov
CWE ID: CWE-200
Type: Secondary
Source: security@apache.org
CWE ID: NVD-CWE-noinfo
Type: Secondary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvssecurity@apache.org
Mailing List
https://lists.debian.org/debian-lts-announce/2023/06/msg00037.htmlsecurity@apache.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/security@apache.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/security@apache.org
N/A
https://www.debian.org/security/2023/dsa-5435security@apache.org
N/A
https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvsaf854a3a-2127-422b-91ae-364da2661108
Mailing List
https://lists.debian.org/debian-lts-announce/2023/06/msg00037.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.debian.org/security/2023/dsa-5435af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
Source: security@apache.org
Resource:
Mailing List
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
Source: security@apache.org
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
Source: security@apache.org
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
Source: security@apache.org
Resource: N/A
Hyperlink: https://www.debian.org/security/2023/dsa-5435
Source: security@apache.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.debian.org/security/2023/dsa-5435
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1305Records found

CVE-2026-34486
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-15.83% / 96.48%
||
7 Day CHG+0.38%
Published-09 Apr, 2026 | 19:35
Updated-30 Jun, 2026 | 03:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.

Action-Not Available
Vendor-The Apache Software FoundationRed Hat, Inc.
Product-tomcatApache TomcatRed Hat JBoss Web Server 5Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat JBoss Web Server 6Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CWE ID-CWE-807
Reliance on Untrusted Inputs in a Security Decision
CVE-2026-34487
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.45% / 35.83%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 19:36
Updated-14 Apr, 2026 | 12:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2026-34483
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.46% / 36.75%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 19:30
Updated-14 Apr, 2026 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Incomplete escaping of JSON access logs

Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117 , which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2026-33266
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.23% / 14.23%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 15:52
Updated-15 Apr, 2026 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OpenMeetings: Hardcoded Remember-Me Cookie Encryption Key and Salt

Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case OM admin hasn't changed the default encryption key, an attacker who has stolen a cookie from a logged-in user can get full user credentials. This issue affects Apache OpenMeetings: from 6.1.0 before 9.0.0. Users are recommended to upgrade to version 9.0.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-openmeetingsApache OpenMeetings
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2026-34020
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.51% / 39.63%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 15:52
Updated-15 Apr, 2026 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OpenMeetings: Login Credentials Passed via GET Query Parameters

Use of GET Request Method With Sensitive Query Strings vulnerability in Apache OpenMeetings. The REST login endpoint uses HTTP GET method with username and password passed as query parameters. Please check references regarding possible impact This issue affects Apache OpenMeetings: from 3.1.3 before 9.0.0. Users are recommended to upgrade to version 9.0.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-openmeetingsApache OpenMeetings
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2026-34059
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.31%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 12:39
Updated-04 May, 2026 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data()

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-126
Buffer Over-read
CVE-2026-32228
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.26%
||
7 Day CHG~0.00%
Published-18 Apr, 2026 | 06:19
Updated-21 Apr, 2026 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: Users with asset materialization permisssions could trigger Dags they had no access to

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflow
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-32966
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 08:43
Updated-17 Jun, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure

DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-dolphinschedulerApache DolphinScheduler
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-31923
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.25% / 16.18%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 08:38
Updated-17 Apr, 2026 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache APISIX: Openid-connect `tls_verify` field is disabled by default

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to `ssl_verify` in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-apisixApache APISIX
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2026-31910
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.46% / 36.69%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 09:33
Updated-19 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OFBiz: Improper Input Validation in UI Factory Classes Leads to SSRF and Blind File Access

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizApache OFBiz
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-31987
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.05%
||
7 Day CHG~0.00%
Published-16 Apr, 2026 | 13:31
Updated-20 Apr, 2026 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: JWT token appearing in logs

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflow
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2026-28779
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.68% / 47.76%
||
7 Day CHG~0.00%
Published-17 Mar, 2026 | 10:15
Updated-17 Mar, 2026 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications

Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself. Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflow
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2023-28707
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.06% / 79.02%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 14:53
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Airflow Apache Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.

Action-Not Available
Vendor-The Apache Software Foundation
Product-apache-airflow-providers-apache-drillApache Airflow Drill Providerapache-airflow-providers-apache-drill
CWE ID-CWE-20
Improper Input Validation
CVE-2026-29129
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.26% / 17.17%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 19:19
Updated-14 Apr, 2026 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: TLS cipher order is not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2026-29146
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.49% / 87.71%
||
7 Day CHG-0.15%
Published-09 Apr, 2026 | 19:21
Updated-30 Jun, 2026 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default

Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue.

Action-Not Available
Vendor-The Apache Software FoundationRed Hat, Inc.
Product-tomcatApache TomcatRed Hat JBoss Web Server 5Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 6Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat JBoss Web Server 6.2 on RHEL 10Red Hat JBoss Web Server 6.2.3Red Hat JBoss Web Server 6.2 on RHEL 8Red Hat JBoss Web Server 6.2 on RHEL 9
CWE ID-CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-642
External Control of Critical State Data
CVE-2026-30912
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.45% / 35.96%
||
7 Day CHG~0.00%
Published-18 Apr, 2026 | 06:20
Updated-21 Apr, 2026 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: Exposing stack trace in case of constraint error

In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflow
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2026-30778
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.54% / 41.66%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 10:54
Updated-20 Apr, 2026 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache SkyWalking: The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-skywalkingApache SkyWalking
CWE ID-CWE-202
Exposure of Sensitive Information Through Data Queries
CVE-2023-24977
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.16% / 63.27%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 09:09
Updated-27 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache InLong: Jdbc Connection causes arbitrary file reading in InLong

Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214  to solve it.

Action-Not Available
Vendor-The Apache Software Foundation
Product-inlongApache InLong
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14439
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-10.76% / 95.29%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 10:49
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectOracle CorporationThe Apache Software FoundationFasterXML, LLC.Red Hat, Inc.
Product-communications_diameter_signaling_routerglobal_lifecycle_management_opatchsiebel_engineering_-_installer_\&_deploymentjd_edwards_enterpriseone_orchestratorprimavera_gatewaysiebel_ui_frameworkbanking_platformcommunications_instant_messaging_serverjboss_middleware_text-only_advisoriesdebian_linuxjackson-databindfinancial_services_analytical_applications_infrastructurefedoragoldengate_stream_analyticsretail_xstore_point_of_servicejd_edwards_enterpriseone_toolsdrillretail_customer_management_and_segmentation_foundationn/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2021-39239
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-4.01% / 89.30%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XML External Entity (XXE) vulnerability

A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server.

Action-Not Available
Vendor-The Apache Software Foundation
Product-jenaApache Jena
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2021-37150
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-4.2||MEDIUM
EPSS-1.70% / 74.35%
||
7 Day CHG~0.00%
Published-10 Aug, 2022 | 00:00
Updated-08 Sep, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Protocol vs scheme mismatch

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxThe Apache Software Foundation
Product-debian_linuxtraffic_serverfedoraApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34797
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.89% / 85.21%
||
7 Day CHG~0.00%
Published-04 Jan, 2022 | 08:55
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Geode project log file redaction of sensitive information vulnerability

Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix "sysprop-", "javax.net.ssl", or "security-". This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0.

Action-Not Available
Vendor-The Apache Software Foundation
Product-geodeApache Geode
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-25141
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.16% / 63.27%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 12:12
Updated-20 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JNDI injection into Apache sling-org-apache-sling-jcr-base

Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDNI and RMI. Users of Apache Sling JCR Base are recommended to upgrade to Apache Sling JCR Base 3.1.12 or later, or to run on a more recent JDK.

Action-Not Available
Vendor-The Apache Software Foundation
Product-sling_jcr_baseApache Sling JCR Base
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-24735
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.28%
||
7 Day CHG~0.00%
Published-04 Feb, 2026 | 10:41
Updated-06 Feb, 2026 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Answer: Revision API Improper Access Control leads to Information Disclosure

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or sensitive information. Users are recommended to upgrade to version 2.0.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-answerApache Answer
CWE ID-CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
CVE-2021-29262
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-7.80% / 93.94%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 06:35
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Misapplied Zookeeper ACLs can result in leakage of configured authentication and authorization settings

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be readable. Additionally, with any ZkACLProvider, if the security.json is already present, Solr will not automatically update the ACLs.

Action-Not Available
Vendor-The Apache Software Foundation
Product-solrApache Solr
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2023-51785
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.01% / 58.94%
||
7 Day CHG~0.00%
Published-03 Jan, 2024 | 09:36
Updated-13 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager

Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.9.0, the attackers can make a arbitrary file read attack using mysql driver. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it. [1]  https://github.com/apache/inlong/pull/9331

Action-Not Available
Vendor-The Apache Software Foundation
Product-inlongApache InLong
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-50292
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.05% / 85.93%
||
7 Day CHG~0.00%
Published-09 Feb, 2024 | 17:29
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configure and test new Schemas and configSets. However, when the feature was created, the "trust" (authentication) of these configSets was not considered. External library loading is only available to configSets that are "trusted" (created by authenticated users), thus non-authenticated users are unable to perform Remote Code Execution. Since the Schema Designer loaded configSets without taking their "trust" into account, configSets that were created by unauthenticated users were allowed to load external libraries when used in the Schema Designer. Users are recommended to upgrade to version 9.3.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-solrApache Solr
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-25958
Matching Score-8
Assigner-Mend
ShareView Details
Matching Score-8
Assigner-Mend
CVSS Score-6.5||MEDIUM
EPSS-2.64% / 83.71%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 14:07
Updated-16 Sep, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Generation of Error Message Containing Sensitive Information in Apache OFBiz

In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. A user can register with a very long password, but when he tries to login with it an exception occurs.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizofbiz-framework
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2022-46363
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.19% / 64.23%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 14:46
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache CXF directory listing / code exfiltration

A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.

Action-Not Available
Vendor-The Apache Software Foundation
Product-cxfApache CXF
CWE ID-CWE-20
Improper Input Validation
CVE-2022-41704
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.14% / 79.82%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 00:00
Updated-25 Feb, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Batik prior to 1.16 allows RCE when loading untrusted SVG input

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-batikdebian_linuxApache XML Graphics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-40308
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.19% / 64.20%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files

If anonymous read enabled, it's possible to read the database file directly without logging in.

Action-Not Available
Vendor-The Apache Software Foundation
Product-archivaApache Archiva
CVE-2022-38370
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.10% / 61.76%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 09:50
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
No authorization of DatabaseConnectController in grafana-connector.

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdbApache IoTDB
CWE ID-CWE-862
Missing Authorization
CVE-2024-51775
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.24% / 15.17%
||
7 Day CHG~0.00%
Published-03 Aug, 2025 | 10:13
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Zeppelin: Command Injection via CSWSH

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs.  This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-zeppelinApache Zeppelin
CWE ID-CWE-1385
Missing Origin Validation in WebSockets
CVE-2024-52279
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.88% / 54.74%
||
7 Day CHG~0.00%
Published-03 Aug, 2025 | 10:02
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string

Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-zeppelinApache Zeppelin
CWE ID-CWE-20
Improper Input Validation
CVE-2024-51569
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.16% / 63.14%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 11:17
Updated-08 Jul, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-nimbleApache NimBLEnimble
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-39553
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.78% / 75.50%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 07:18
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: before 2.4.3. It is recommended to upgrade to a version that is not affected.

Action-Not Available
Vendor-The Apache Software Foundation
Product-apache-airflow-providers-apache-drillApache Airflow Drill Providerapache-airflow-providers-apache-drill
CWE ID-CWE-20
Improper Input Validation
CVE-2024-47252
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.67% / 47.39%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 16:55
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_ssl error log variable escaping

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-150
Improper Neutralization of Escape, Meta, or Control Sequences
CVE-2024-45195
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-99.98% / 99.98%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 08:08
Updated-23 Oct, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-02-25||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Apache OFBiz: Confused controller-view authorization logic (forced browsing)

Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizApache OFBizofbizOFBiz
CWE ID-CWE-425
Direct Request ('Forced Browsing')
CVE-2024-45784
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.29% / 66.82%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 08:20
Updated-03 Jun, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: Sensitive configuration values are not masked in the logs by default

Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially exposing critical data that could be exploited to compromise the security of the Airflow deployment. In version 2.10.3, secrets are now masked in task logs to prevent sensitive configuration variables from being exposed in the logging output. Users should upgrade to Airflow 2.10.3 or the latest version to eliminate this vulnerability. If you suspect that DAG authors could have logged the secret values to the logs and that your logs are not additionally protected, it is also recommended that you update those secrets.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflowairflow
CWE ID-CWE-1295
Debug Messages Revealing Unnecessary Information
CVE-2024-41178
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.71% / 49.00%
||
7 Day CHG~0.00%
Published-23 Jul, 2024 | 16:50
Updated-10 Jul, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens.  On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html . This allows someone with access to the logs to impersonate that identity, including performing their own calls to AssumeRoleWithWebIdentity, until the OIDC token expires. Typically OIDC tokens are valid for up to an hour, although this will vary depending on the issuer. Users are recommended to use a different AWS authentication mechanism, disable logging or upgrade to version 0.10.2, which fixes this issue. Details: When using AWS WebIdentityTokens with the object_store crate, in the event of a failure and automatic retry, the underlying reqwest error, including the full URL with the credentials, potentially in the parameters, is written to the logs.  Thanks to Paul Hatcherian for reporting this vulnerability

Action-Not Available
Vendor-The Apache Software Foundation
Product-arrowApache Arrow Rust Object Storearrow
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-42361
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.08% / 60.99%
||
7 Day CHG~0.00%
Published-20 Aug, 2024 | 20:56
Updated-03 Sep, 2024 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}

Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection.

Action-Not Available
Vendor-The Apache Software Foundation
Product-hertzbeatHertzBeathertzbeat
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-39573
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-35.45% / 98.25%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 18:16
Updated-03 Nov, 2025 | 22:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_rewrite proxy handler substitution

Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software Foundation
Product-ontaphttp_serverApache HTTP Serverhttp_server
CWE ID-CWE-20
Improper Input Validation
CVE-2019-12399
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.91% / 89.03%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 14:28
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables.

Action-Not Available
Vendor-The Apache Software FoundationOracle Corporation
Product-banking_trade_finance_process_managementbanking_supply_chain_financecommunications_cloud_native_core_policybanking_paymentsblockchain_platformflexcube_universal_bankingfinancial_services_analytical_applications_infrastructurebanking_liquidity_managementbanking_corporate_lending_process_managementbanking_platformkafkabanking_credit_facilities_process_managementbanking_virtual_account_managementKafka
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2019-12423
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-6.06% / 92.50%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 17:42
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all.

Action-Not Available
Vendor-The Apache Software FoundationOracle Corporation
Product-communications_diameter_signaling_routerretail_order_brokercommunications_session_route_managerflexcube_private_bankingcommunications_session_report_managercxfcommunications_element_managercommerce_guided_searchCXF
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-29266
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-7.69% / 93.86%
||
7 Day CHG~0.00%
Published-20 Apr, 2022 | 07:15
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
apisix/jwt-auth may leak secrets in error response

In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information.

Action-Not Available
Vendor-The Apache Software Foundation
Product-apisixApache APISIX
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2020-9491
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.87% / 85.09%
||
7 Day CHG+0.03%
Published-01 Oct, 2020 | 19:57
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced queues continued to support TLS v1.0 or v1.1.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-nifiApache NiFi
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-9486
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.56% / 87.91%
||
7 Day CHG+0.15%
Published-01 Oct, 2020 | 19:50
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-nifiApache NiFi
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-1942
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.49% / 87.71%
||
7 Day CHG+0.08%
Published-11 Feb, 2020 | 20:57
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was printed, potentially containing sensitive values in plaintext.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-nifiApache NiFi
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-1940
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-4.51% / 90.35%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 16:51
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials object but does not remove it upon processing during the first phase of the authentication. In combination with additional, independent authentication mechanisms, this may lead to the new password being disclosed.

Action-Not Available
Vendor-The Apache Software Foundation
Product-jackrabbit_oakApache Jackrabbit Oak
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2020-17519
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.1||CRITICAL
EPSS-97.86% / 99.90%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 11:40
Updated-27 Oct, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-06-13||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Apache Flink directory traversal attack: reading remote files through the REST API

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.

Action-Not Available
Vendor-The Apache Software Foundation
Product-flinkApache FlinkflinkFlink
CWE ID-CWE-552
Files or Directories Accessible to External Parties
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 26
  • 27
  • Next
Details not found