vulnerability-analysis
Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.
360 articles
node-ipc 'Protestware' Sabotage Code Shipped to Millions ...
How a rogue node-ipc update turned a trusted npm dependency into disk-wiping protestware, and what CVE-2022-23812 means for your supply chain.
Apache Ant 'Get' Task Certificate Validation Failure (CVE...
CVE-2020-1945 exposes insecure temp-file handling in Apache Ant, risking data leaks and build-tampering. Affected versions, CVSS/EPSS context, and fixes inside.
Git Argument Injection via Crafted SSH URL (CVE-2017-1000...
CVE-2017-1000117 let a malicious repo run code on anyone who cloned it via a crafted ssh:// URL. Impact, affected Git versions, CVSS, and fixes.
Git Remote Code Execution via Malicious .gitmodules Submo...
CVE-2018-11235 let a malicious .gitmodules file hijack Git submodule checkout, executing arbitrary code via post-checkout hooks on clone.
Git Clone RCE via Symlink Race on Case-Insensitive Filesy...
A patched Git flaw let attackers achieve remote code execution during clone via a symlink race on case-insensitive filesystems. Here's what teams need to know.
Git safe.directory Bypass Enabling Code Execution on Mult...
CVE-2022-24765 let local users on shared Windows systems bypass Git's ownership checks and trigger code execution via malicious repo configs. Here's the full breakdown.
Git Local Clone Information Disclosure via Hardlinks (CVE...
CVE-2022-39253 abuses Git's local clone hardlink optimization to leak files from outside a repository. Here's the impact, fix, and how to stay protected.
Git Heap Buffer Overflow via GIT_PUSH_OPTION_COUNT (CVE-2...
CVE-2022-39260 is a heap overflow in Git from an integer overflow in GIT_PUSH_OPTION_COUNT during git push. What changed, and how to remediate it.
Helm Chart Repository Index Cache Confusion Vulnerability...
CVE-2021-32690 is a Helm chart repository index cache confusion flaw fixed in 3.6.1 that could push users toward an unintended chart. Here's what matters.
SaltStack Authentication Bypass Behind Mass Salt-Master E...
CVE-2020-11651 let unauthenticated attackers hijack Salt masters, triggering mass exploitation within days of disclosure. Here is what happened and how to fix it.
SaltStack Directory Traversal Paired With Auth Bypass (CV...
CVE-2020-11652, a directory traversal flaw in SaltStack's salt-master, paired with an auth bypass to enable full remote compromise. Impact, CVSS/KEV context, and fixes.
Sonatype Nexus Repository Unauthenticated RCE via REST AP...
A deep dive into CVE-2019-7238, the unauthenticated RCE in Sonatype Nexus Repository Manager 3 that fueled cryptomining campaigns worldwide.