Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text
3y agoen
Source
In this post we’ll review CVE-2022-42889, the recent Arbitrary Code Execution Vulnerability in Apache Commons Text, including what it is, how to remediate it, and why it’s not the new Log4Shell.
You might also wanna read

WAF - WAF Release - 2025-08-25
Cloudflare·10mo ago
IPA and JPCERT/CC Warn of Multiple Apache Tomcat Vulnerabilities
IPA and JPCERT/CC announced multiple vulnerabilities in Apache Tomcat on July 1, published in Japan Vulnerability Notes (JVN). The Apache So
scan.netsecurity.ne.jp·2d ago
OpenSSL Vulnerability CVE-2025-15467: Stack Overflow with Remote Code Execution Risk
JFrog Security Research team reports on a newly disclosed OpenSSL vulnerability, CVE-2025-15467, which is a stack overflow issue that could
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
ThreatLocker·12d ago
Researcher Discovers Critical React2Shell RCE Vulnerability (CVE-2025-55182) Affecting Millions of Websites
A security researcher recounts discovering a critical remote code execution vulnerability (CVE-2025-55182, dubbed "React2Shell") in the Reac
Critical 7-Zip vulnerability (CVE-8.8) enables code execution via crafted archive files; update to version 26.01 urged
A critical 8.8-rated CVE vulnerability has been discovered in the popular open-source archive utility 7-Zip. The flaw allows remote code exe

Comments
Sign in to join the conversation.
No comments yet. Be the first.