Vulnerabilities > Apache > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2022-22728 A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads.
network
low complexity
apache fedoraproject debian
7.5
2022-08-25 CVE-2021-25642 Unspecified vulnerability in Apache Hadoop
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation.
network
low complexity
apache
8.8
2022-08-16 CVE-2022-38362 Unspecified vulnerability in Apache Apache-Airflow-Providers-Docker
Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
network
low complexity
apache
8.8
2022-08-15 CVE-2022-37400 Unspecified vulnerability in Apache Openoffice
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database.
network
low complexity
apache
8.8
2022-08-15 CVE-2022-37401 Unspecified vulnerability in Apache Openoffice
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database.
network
low complexity
apache
8.8
2022-08-10 CVE-2021-37150 Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources.
network
low complexity
apache debian fedoraproject
7.5
2022-08-10 CVE-2022-25763 Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks.
network
low complexity
apache debian fedoraproject
7.5
2022-08-10 CVE-2022-28129 Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers.
network
low complexity
apache debian fedoraproject
7.5
2022-08-10 CVE-2022-31778 Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache.
network
low complexity
apache debian
7.5
2022-08-10 CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5