Safeguard
Tag

vulnerability-analysis

Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.

360 articles

Vulnerability Analysis

GitLab ExifTool RCE (CVE-2021-22205)

CVE-2021-22205 let attackers RCE self-managed GitLab via a malicious ExifTool-parsed upload — no auth required. Here's the timeline and fix.

Jan 11, 20268 min read
Vulnerability Analysis

OpenSSL BN_mod_sqrt infinite loop DoS (CVE-2022-0778)

CVE-2022-0778 lets attackers hang OpenSSL with a single malformed certificate. Here's the impact, affected versions, and how to remediate fast.

Jan 10, 20267 min read
Vulnerability Analysis

Dirty COW Linux kernel privilege escalation (CVE-2016-5195)

Dirty COW (CVE-2016-5195) let local attackers hijack a kernel race condition for root. Nine years old, still found in fleets — here's how to find and fix it.

Jan 10, 20268 min read
Vulnerability Analysis

Dirty Pipe Linux kernel arbitrary write (CVE-2022-0847)

Dirty Pipe (CVE-2022-0847) lets local attackers overwrite read-only files via a pipe buffer flaw, enabling fast, reliable root escalation on Linux and Android.

Jan 10, 20268 min read
Vulnerability Analysis

Kubernetes API server privilege escalation via aggregated API (CVE-2018-1002105)

A critical flaw in Kubernetes' aggregated API let unauthenticated users gain full admin privileges. Here's how it worked and how to fix it.

Jan 9, 20267 min read
Vulnerability Analysis

runc container escape via file descriptor overwrite (CVE-2019-5736)

CVE-2019-5736 let malicious containers overwrite the host runc binary and gain root — here's the mechanism, affected versions, and how to remediate it.

Jan 9, 20267 min read
Vulnerability Analysis

Linux cgroups release_agent container escape (CVE-2022-0492)

CVE-2022-0492 lets containers with CAP_SYS_ADMIN escape via cgroup v1's release_agent. Impact, timeline, and concrete remediation steps inside.

Jan 9, 20267 min read
Vulnerability Analysis

containerd-shim abstract Unix socket container escape (CVE-2020-15257)

CVE-2020-15257 let containers sharing a host network namespace abuse containerd-shim's abstract socket API. Here's the impact, fix, and remediation path.

Jan 9, 20267 min read
Vulnerability Analysis

Windows MSHTML Spoofing CVE-2024-43573 Explained

CVE-2024-43573 is a zero-day MSHTML spoofing flaw patched by Microsoft in October 2024. Here is the chain, detection, and why MSHTML keeps biting.

Jan 9, 20267 min read
Vulnerability Analysis

Kubernetes validating admission webhook bypass (CVE-2021-25735)

CVE-2021-25735 let attackers bypass Kubernetes validating admission webhooks on Node objects via a kube-apiserver flaw. Here's the fix and detection path.

Jan 8, 20267 min read
Vulnerability Analysis

Kubernetes kubelet symlink volume mount escape (CVE-2021-25741)

CVE-2021-25741 lets attackers escape subPath volume mounts in Kubernetes kubelet via a symlink race, exposing host files and enabling privilege escalation.

Jan 8, 20267 min read
Vulnerability Analysis

containerd CRI plugin mount escape (CVE-2022-23648)

CVE-2022-23648 let crafted pod volume specs bypass containerd's CRI mount isolation to reach arbitrary host files — versions, severity, and fixes.

Jan 8, 20266 min read
vulnerability-analysis (Page 13) — Safeguard Blog