Tag
cwe-434
Safeguard articles tagged "cwe-434" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
Arbitrary file upload vulnerabilities explained
Arbitrary file upload flaws (CWE-434) have caused breaches from Equifax to GitLab. Here's how they work, the CVEs that prove it, and how to stop them.
Dec 12, 20257 min read
Industry Analysis
Unrestricted File Upload Vulnerabilities
Unrestricted file upload flaws let attackers turn a simple upload form into remote code execution. Here's how real-world CVEs happened, and how to prevent them.
Oct 30, 20257 min read