Security Bulletins
- CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 / Log4Shell: Log4J with JNDI enabled allowed arbitrary code execution
- CVE-2022-22963 and CVE-2022-22965 / Spring4Shell: Spring Framework allows remote code execution
- CVE-2022-3786 and CVE-2022-3602: OpenSSL vulnerabilities
- CVE-2022-39135: Apache Calcite allows XML External Entity (XXE) attack
- CVE-2022-42889 / Text4Shell: Apache Commons Text allows remote code execution
- CVE-2023-44487 / Rapid Reset: HTTP/2 protocol allows DDoS attacks