Security
Headlines
HeadlinesLatestCVEs

Tag

#apache

Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware

Cryptominer campaign runs for years using legit sites to spread malware, targeting Linux systems through known bugs and avoiding detection.

HackRead
#vulnerability#web#windows#linux#apache#git#ssl
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution. "The attacker leverages

GHSA-36wv-v2qp-v4g4: Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged

Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory exception. In addition, it is possible to configure CXF to encrypt temporary files to prevent sensitive credentials from being cached unencrypted on the local filesystem, however this bug means that the cached files are written out to logs unencrypted. Users are recommended to upgrade to versions 3.5.11, 3.6.6, 4.0.7 or 4.1.1, which fixes this issue.

GHSA-44c3-38h8-9fh9: Apache Jackrabbit vulnerable to blind XXE attack due to insecure document build

Blind XXE vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit < 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 (Java 8), 2.22.1 (Java 11) or 2.23.2 (Java 11, beta versions), which fix this issue. Earlier versions (up to 2.20.16) are not supported anymore, thus users should update to the respective supported version.

GHSA-7pgf-ppxw-8624: Apache Zeppelin exposes server resources to unauthenticated attackers

The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue by removing the Cluster Interpreter.

GHSA-j288-q9x7-2f5v: Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs

Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop. Users are recommended to upgrade to version 3.18.0, which fixes the issue.

GHSA-25xr-qj8w-c4vf: Apache Tomcat Coyote vulnerable to Denial of Service via excessive HTTP/2 streams

Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

GHSA-wr62-c79q-cv37: Apache Tomcat Catalina is vulnerable to DoS attack through bypassing of size limits

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

GHSA-4j3c-42xv-3f84: Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 9.0.107, which fixes the issue.

June Linux Patch Wednesday

June Linux Patch Wednesday. This time, there are 598 vulnerabilities, almost half as many as in May. Of these, 355 are in the Linux Kernel. There are signs of exploitation in the wild for 3 vulnerabilities (CISA KEV). 🔻 SFB – Chromium (CVE-2025-2783)🔻 MemCor – Chromium (CVE-2025-5419)🔻 CodeInj – Hibernate Validator (CVE-2025-35036). This vulnerability is […]