Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
urllib3 regular expression denial of service (CVE-2021-33503)
A deep dive into CVE-2021-33503, the urllib3 ReDoS flaw in Python's core HTTP library, its real-world exposure, and how to remediate it.
urllib3 cookie/auth header leak on cross-origin redirect (CVE-2023-43804)
CVE-2023-43804 lets urllib3 leak Cookie headers on cross-origin redirects. See affected versions, severity context, and how to remediate fast.
PyYAML full_load unsafe deserialization arbitrary code execution (CVE-2020-14343)
CVE-2020-14343 shows PyYAML's full_load/FullLoader "safe" fix was incomplete, enabling arbitrary code execution. Here's the fix and how to detect exposure.
PyYAML Loader arbitrary code execution (CVE-2017-18342)
PyYAML's default yaml.load() Loader lets attackers run arbitrary code via crafted YAML input. Here's how CVE-2017-18342 works and how to fix it.
IPython crafted directory code execution (CVE-2022-21699)
CVE-2022-21699 lets attackers plant crafted profile files in shared directories, triggering silent code execution when victims launch IPython or Jupyter sessions.
Python urllib.parse NFKC normalization blocklist bypass (CVE-2023-24329)
CVE-2023-24329 let attackers bypass URL blocklists via leading blank characters in Python's urllib.parse, enabling SSRF and filter evasion.
Python mailcap insecure shell command construction (CVE-2015-20107)
Python mailcap shell injection (CVE-2015-20107) lets attackers run arbitrary commands via unescaped filenames. Here is how to detect and fix it.
Python tarfile extraction path traversal, the 15-year-old flaw (CVE-2007-4559)
CVE-2007-4559, a path traversal flaw in Python's tarfile module, still lurks in hundreds of thousands of repos. Here's the impact, timeline, and fix.
Python email module address-parsing confusion (CVE-2023-27043)
CVE-2023-27043 shows how a Python email-parsing quirk lets attackers spoof trusted domains and bypass allowlist-based access controls silently.
Kubernetes Python client aggregated API vulnerability (CVE-2022-3172)
CVE-2022-3172 lets a rogue aggregated API backend redirect authenticated Kubernetes API traffic, exposing Python client apps to credential theft.
Django str.format denial of service (CVE-2023-41164)
CVE-2023-41164 lets attackers DoS Django apps via a str.format() flaw in uri_to_iri(). Here's what's affected, severity context, and how to fix it.
Django admin ChangeList path traversal (CVE-2021-33203)
CVE-2021-33203 is a staff-only path traversal in Django's admindocs TemplateDetailView. Here's what's affected, its CVSS/EPSS profile, and how to remediate it.