Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE


Overview: Apache has released a security update to address an important Apache Tomcat vulnerability (CVE-2024-56337) that could result in remote code execution (RCE) under certain conditions. This new CVE is closely tied to the earlier Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation (CVE-2024-50379), for which an incomplete mitigation was issued on December 17, […]

Apache Pinot Vulnerability: Everything You Need to Know About the 900 Associated CVEs


During CVE research at Upwind, we encountered an unfamiliar Apache service known as Apache Pinot. Apache Pinot is a real-time distributed Online Analytical Processing (OLAP) datastore specifically designed to deliver low-latency responses to OLAP queries. The Apache Pinot architecture comprises four key components: Why Use Apache Pinot? Organizations implement Apache Pinot to enhance […]