{"uuid": "9e516dd7-70c9-4a1c-a71e-1455cc5a225b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33891", "type": "exploited", "source": "https://t.me/KomunitiSiber/30", "content": "CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems\nhttps://thehackernews.com/2023/03/cisas-kev-catalog-updated-with-3-new.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has\u00a0added\u00a0three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThe list of vulnerabilities is below -\n\nCVE-2022-35914\u00a0(CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability\nCVE-2022-33891\u00a0(CVSS score: 8.8) - Apache Spark Command Injection Vulnerability", "creation_timestamp": "2023-03-08T18:01:32.000000Z"}