The Apache PDFBox community is pleased to announce the release of
Apache PDFBox version 3.0.2. The release is available for download at:
https://pdfbox.apache.org/download.html
See the full release notes below for details about this release.
Release Notes -- Apache PDFBox -- Version 3.0.2
Intr
Severity: important
Affected versions:
- Apache CXF before 4.0.4, 3.6.3, 3.5.8
Description:
A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF
before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks
on webservices that take at least one parameter
The Camel PMC is pleased to announce the release of Apache Camel 4.4.1 (LTS).
Apache Camel is an open source integration framework that empowers you
to quickly and easily integrate various systems consuming or producing
data.
This release contains 32 new features and improvements.
The release is
Severity: critical
Affected versions:
- Apache ZooKeeper 3.9.0 through 3.9.1
- Apache ZooKeeper 3.8.0 through 3.8.3
- Apache ZooKeeper 3.6.0 through 3.7.2
Description:
Information disclosure in persistent watchers handling in Apache ZooKeeper due
to missing ACL check. It allows an attacker to
The Apache James (https://james.apache.org) community is pleased to
announce the availability of Apache James MIME4J 0.8.11 library.
Apache James MIME4J is a library for parsing and and building MIME
messages, written in plain Java.
Read more about this release:
https://james.apache.org/jame
The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit Oak 1.22.19. The release is available for download at:
http://jackrabbit.apache.org/downloads.html
See the full release notes below for details about this release:
Release Notes -- Apache Jackrabbit O
Dear community,
The Apache Groovy team is pleased to announce version 4.0.20 of Apache Groovy.
This is mostly to fix a minor glitch in the 4.0.19 zip distribution
which affected
users on some platforms (Maven jar artifacts weren't impacted) but also contains
some additional fixes and dependency up
Dear community,
The Apache Groovy team is pleased to announce version 5.0.0-alpha-7 of
Apache Groovy.
This is mostly to fix a minor glitch in the 5.0.0-alpha-6 zip
distribution which affected
users on some platforms (Maven jar artifacts weren't impacted) but also contains
some additional fixes and
The Apache Commons is pleased to announce Apache Commons Configuration 2.10.0.
The Commons Configuration software library provides a generic
configuration interface that enables an application to read
configuration data from a variety of sources and tools to assist in
the reading of configuration/
Severity: moderate
Affected versions:
- Apache Airflow 2.8.0 before 2.8.3
Description:
Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows
an authenticated user with limited permissions to access resources such as
variables, connections, etc from the UI which they do
CVE-2024-23672 Apache Tomcat - Denial of Service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.0-M16
Apache Tomcat 10.1.0-M1 to 10.1.18
Apache Tomcat 9.0.0-M1 to 9.0.85
Apache Tomcat 8.5.0 to 8.5.98
Description:
It was possible fo
CVE-2024-24549 Apache Tomcat - Denial of Service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.0-M16
Apache Tomcat 10.1.0-M1 to 10.1.18
Apache Tomcat 9.0.0-M1 to 9.0.85
Apache Tomcat 8.5.0 to 8.5.98
Description:
When processing an
12 matches
Mail list logo