Tag
cwe-20
Safeguard articles tagged "cwe-20" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
Python email module address-parsing confusion (CVE-2023-27043)
CVE-2023-27043 shows how a Python email-parsing quirk lets attackers spoof trusted domains and bypass allowlist-based access controls silently.
Dec 28, 20259 min read
Vulnerability Analysis
Improper input validation (CWE-20) explained
CWE-20 explained: how improper input validation causes SQLi, RCE, and DoS, with real CVEs like Equifax's Struts breach and how to detect and fix it.
Dec 1, 20257 min read