Apache patched the major vulnerability CVE-2022-42889 at the end of September for its library Commons Text, and issued a warning recently. This vulnerability has attracted the attention of many researchers, but why? Some information security experts pointed out that since many Java projects use this library, the severity is likely to be close to Log4Shell. Penetration testing tool Cobalt Strike recently released an update to patch an RCE vulnerability CVE-2022-42948 caused by an incomplete patch in late September. The software developer said the vulnerability involved the framework used by the tool.
I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.View all posts by Ewen Eagle →