all InfoSec news
Detecting and Mitigating CVE-2022-42889 a.k.a. Text4shell
Dec. 2, 2022, 12:56 a.m. |
Cloud Security Alliance cloudsecurityalliance.org
Written by Miguel Hernández, Sysdig. A new critical vulnerability CVE-2022-42889 a.k.a. Text4shell, similar to the old Spring4Shell and Log4Shell, was originally reported by Alvaro Muñoz on the very popular Apache Commons Text library.
The vulnerability is rated as a critical 9.8 severity and is always a remote code execution (RCE), which would permit attackers to execute arbitrary code on the machine and compromise the entire host.
Apache Commons Text vers...
More from cloudsecurityalliance.org / Cloud Security Alliance
Breach Debrief: The Fake Slackbot
4 days, 16 hours ago |
cloudsecurityalliance.org
Understanding the Nuances: Privacy and Confidentiality
4 days, 16 hours ago |
cloudsecurityalliance.org
What’s in a Name? Defining Zero Trust for Leaders
4 days, 16 hours ago |
cloudsecurityalliance.org
Are You Ready for Microsoft Copilot?
4 days, 16 hours ago |
cloudsecurityalliance.org
Implementing a Data-Centric Approach to Security
4 days, 16 hours ago |
cloudsecurityalliance.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network AWS Cloud &Firewall Engineer
@ Arthur Grand Technologies Inc | Plano, TX, United States
Lead Consultant, Data Centre & BCP
@ Singtel | Singapore, Singapore
Protocol Security Engineer
@ Osmosis Labs | Remote
Technical Engineer - Payments Security Specialist
@ H&M Group | Bengaluru, India
Intern, Security Architecture
@ Sony | Work from Home-CA