CVE-2021-30639 Denial of Service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 10.0.3 to 10.0.4
Apache Tomcat 9.0.44
Apache Tomcat 8.5.64
Description:
An error introduced as part of a change to improve error handling during
non-blocking I/O meant
CVE-2021-33037 HTTP request smuggling
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 10.0.0-M1 to 10.0.6
Apache Tomcat 9.0.0.M1 to 9.0.46
Apache Tomcat 8.5.0 to 8.5.66
Description:
Apache Tomcat did not correctly parse the HTTP transfer-encoding
Hi all,
Apache SkyWalking Team is glad to announce the release of Apache
SkyWalking Client JS 0.6.0
SkyWalking: APM (application performance monitor) tool for distributed
systems,
especially designed for microservices, cloud native and container-based
(Docker, Kubernetes, Mesos) architectures.
CVE-2021-30640 JNDI Realm Authentication Weakness
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 10.0.0-M1 to 10.0.5
Apache Tomcat 9.0.0.M1 to 9.0.45
Apache Tomcat 8.5.0 to 8.5.65
Apache Tomcat 7.0.0 to 7.0.108
Description:
Queries made by the JNDI Realm
Description:
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow
the server causing an OutOfMemory error. This issue affects the SFTP and port
forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It
was addressed in Apache Mina SSHD 2.7.0
The Camel PMC is pleased to announce the release of Apache Camel 3.7.5.
Apache Camel is an open source integration framework that empowers you
to quickly and easily integrate various systems consuming or producing
data.
This release is a patch release for the LTS 3.7.x branch that contains
17
The Apache Beam team is pleased to announce the release of version 2.31.0.
Apache Beam is an open source unified programming model to define and
execute data processing pipelines, including ETL, batch and stream
(continuous) processing.
See https://beam.apache.org
You can download the release