Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

CVE-2015-6420: Deserialization vulnerability via Apache C...

How a vulnerable Apache Commons Collections library let attackers achieve remote code execution via Java deserialization gadget chains, and what CVE-2015-6420 still teaches about supply chain risk.

Sep 30, 20258 min read
Vulnerability Analysis

CVE-2019-12384: Polymorphic deserialization gadget in Jac...

CVE-2019-12384 is a Jackson-databind polymorphic deserialization gadget flaw via Ehcache's transaction manager class, patched in 2.9.9.1.

Sep 30, 20257 min read
Vulnerability Analysis

CVE-2019-12814: Jackson-databind polymorphic type gadget ...

A look at CVE-2019-12814, a jackson-databind polymorphic typing gadget tied to JAXB classes, its risk profile, and how to remediate it in modern Java stacks.

Sep 30, 20257 min read
Vulnerability Analysis

CVE-2019-14379: Jackson-databind deserialization via jdk....

CVE-2019-14379 lets attackers abuse jackson-databind's polymorphic deserialization via a JDK Nashorn gadget class. Here's the risk, fix, and detection guidance.

Sep 29, 20257 min read
Vulnerability Analysis

CVE-2019-14540: Jackson-databind blacklist bypass via c3p...

CVE-2019-14540 lets attackers bypass jackson-databind's deserialization blacklist via c3p0 classes to achieve RCE. Here's what's affected, the timeline, and how to remediate.

Sep 29, 20257 min read
Vulnerability Analysis

CVE-2019-16335: Jackson-databind gadget via jackson-dataf...

CVE-2019-16335 is a jackson-databind polymorphic deserialization flaw tied to jackson-dataformat-cbor, fixed in 2.9.10. Here's the impact, timeline, and fix.

Sep 29, 20257 min read
Vulnerability Analysis

CVE-2020-1938 (Ghostcat): File inclusion via Apache Tomca...

Ghostcat (CVE-2020-1938) let attackers read files—and often achieve RCE—via Tomcat's default, unauthenticated AJP connector. Here's the risk, fix, and KEV context.

Sep 24, 20257 min read
Vulnerability Analysis

CVE-2021-33037: HTTP request smuggling in Apache Tomcat

CVE-2021-33037 let malformed HTTP trailers desync Apache Tomcat from front-end proxies, enabling request smuggling. Here's what's affected and how to remediate.

Sep 24, 20257 min read
Vulnerability Analysis

CVE-2019-0232: Remote code execution in Apache Tomcat CGI...

CVE-2019-0232 lets attackers execute arbitrary commands on Windows-hosted Apache Tomcat via the CGI Servlet. Here's the CVSS 9.8 detail, affected versions, and fixes.

Sep 24, 20258 min read
Vulnerability Analysis

CVE-2020-9484: Deserialization RCE via Apache Tomcat Pers...

A deep dive into CVE-2020-9484, the Apache Tomcat PersistenceManager deserialization RCE — affected versions, CVSS/EPSS context, and remediation steps.

Sep 23, 20257 min read
Vulnerability Analysis

CVE-2021-25122: Request mix-up via Apache Tomcat h2c support

CVE-2021-25122 let Apache Tomcat mix up HTTP responses between concurrent users via the h2c upgrade path. Here's the impact, affected versions, and how to remediate.

Sep 23, 20256 min read
Vulnerability Analysis

CVE-2021-25329: Incomplete fix of Tomcat PersistenceManag...

CVE-2021-25329 shows how Tomcat's PersistenceManager deserialization fix (CVE-2020-9484) was incomplete, still risking RCE in edge-case configs.

Sep 23, 20258 min read
Vulnerability Analysis (Page 38) — Supply Chain Security Blog | Safeguard