information disclosure
Safeguard articles tagged "information disclosure" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators
CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.
Git Local Clone Information Disclosure via Hardlinks (CVE...
CVE-2022-39253 abuses Git's local clone hardlink optimization to leak files from outside a repository. Here's the impact, fix, and how to stay protected.
Jenkins Arbitrary File Read via Crafted CLI Command (CVE-...
CVE-2018-1999002 let attackers read arbitrary files from Jenkins masters via crafted requests to the Stapler framework, exposing secrets and credentials.
Sensitive Information Exposure in Error Messages
Stack traces, SQL errors, and debug pages routinely leak credentials, paths, and library versions to attackers. Here's how CWE-209 exposure happens and how to close it.