White Paper:

Virsec Security Research Lab Vulnerability Report – Volume 1, 2020

The Virsec Security Research Lab, helmed by Virsec CTO, Satya Gupta, provides timely, relevant analysis about prevalent security vulnerabilities. Each week, the Virsec team details the top 5 vulnerabilities in open source code and a few vulnerabilities in popular security controls, their affected version, vulnerability details, and how the Virsec Security Platform (VSP) can detect these vulnerabilities. This report includes:

1. CVE-2020-1938 Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability
2. CVE-2020-2280: CSRF in Jenkins Warnings Plugin
3. CVE-2020-19447: SQL Injection on Joomla’s jDownloads component
4. CVE-2020-13166: MyLittleAdmin PreAuth RCE
5. CVE-2020-10714: WildFly-elytron: session fixation when using FORM authentication

separator-green
separator-green - bottom