Safeguard
Tag

vulnerability-analysis

Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.

360 articles

Vulnerability Analysis

node-ipc 'Protestware' Sabotage Code Shipped to Millions ...

How a rogue node-ipc update turned a trusted npm dependency into disk-wiping protestware, and what CVE-2022-23812 means for your supply chain.

Dec 1, 20258 min read
Vulnerability Analysis

Apache Ant 'Get' Task Certificate Validation Failure (CVE...

CVE-2020-1945 exposes insecure temp-file handling in Apache Ant, risking data leaks and build-tampering. Affected versions, CVSS/EPSS context, and fixes inside.

Nov 28, 20257 min read
Vulnerability Analysis

Git Argument Injection via Crafted SSH URL (CVE-2017-1000...

CVE-2017-1000117 let a malicious repo run code on anyone who cloned it via a crafted ssh:// URL. Impact, affected Git versions, CVSS, and fixes.

Nov 28, 20258 min read
Vulnerability Analysis

Git Remote Code Execution via Malicious .gitmodules Submo...

CVE-2018-11235 let a malicious .gitmodules file hijack Git submodule checkout, executing arbitrary code via post-checkout hooks on clone.

Nov 28, 20257 min read
Vulnerability Analysis

Git Clone RCE via Symlink Race on Case-Insensitive Filesy...

A patched Git flaw let attackers achieve remote code execution during clone via a symlink race on case-insensitive filesystems. Here's what teams need to know.

Nov 27, 20258 min read
Vulnerability Analysis

Git safe.directory Bypass Enabling Code Execution on Mult...

CVE-2022-24765 let local users on shared Windows systems bypass Git's ownership checks and trigger code execution via malicious repo configs. Here's the full breakdown.

Nov 27, 20257 min read
Vulnerability Analysis

Git Local Clone Information Disclosure via Hardlinks (CVE...

CVE-2022-39253 abuses Git's local clone hardlink optimization to leak files from outside a repository. Here's the impact, fix, and how to stay protected.

Nov 27, 20258 min read
Vulnerability Analysis

Git Heap Buffer Overflow via GIT_PUSH_OPTION_COUNT (CVE-2...

CVE-2022-39260 is a heap overflow in Git from an integer overflow in GIT_PUSH_OPTION_COUNT during git push. What changed, and how to remediate it.

Nov 27, 20257 min read
Vulnerability Analysis

Helm Chart Repository Index Cache Confusion Vulnerability...

CVE-2021-32690 is a Helm chart repository index cache confusion flaw fixed in 3.6.1 that could push users toward an unintended chart. Here's what matters.

Nov 24, 20258 min read
Vulnerability Analysis

SaltStack Authentication Bypass Behind Mass Salt-Master E...

CVE-2020-11651 let unauthenticated attackers hijack Salt masters, triggering mass exploitation within days of disclosure. Here is what happened and how to fix it.

Nov 23, 20257 min read
Vulnerability Analysis

SaltStack Directory Traversal Paired With Auth Bypass (CV...

CVE-2020-11652, a directory traversal flaw in SaltStack's salt-master, paired with an auth bypass to enable full remote compromise. Impact, CVSS/KEV context, and fixes.

Nov 23, 20257 min read
Vulnerability Analysis

Sonatype Nexus Repository Unauthenticated RCE via REST AP...

A deep dive into CVE-2019-7238, the unauthenticated RCE in Sonatype Nexus Repository Manager 3 that fueled cryptomining campaigns worldwide.

Nov 23, 20257 min read
vulnerability-analysis (Page 23) — Safeguard Blog