CVE-2023-35943 - How Envoy’s CORS Filter Bug Can Crash Your Proxy (And How to Fix It)
Envoy is a popular open source edge and service proxy widely used in cloud-native environments. Because it sits between your users and your backend, the
CVE-2023-36826 - How Sentry’s Authorization Flaw Exposed Debug Artifacts (And What You Need To Know)
Sentry is a popular platform for error tracking and performance monitoring used by thousands of organizations. In 2023, a serious vulnerability was discovered in Sentry&
CVE-2023-35945 - Understanding and Exploiting a Memory Leak in Envoy’s HTTP/2 Codec
In June 2023, a critical security flaw—CVE-2023-35945—was reported in Envoy, a popular high-performance cloud-native edge and service proxy, often used in modern Kubernetes
CVE-2022-22302 - Clear Text Storage of Fortinet Private Keys Exposes Apple Push & GCM Channels
In today's cyber landscape, keeping secret keys truly secret is foundational to digital security. But sometimes, critical lapses let attackers walk through the
CVE-2023-35165 - Deep Dive Into Overly Permissive IAM Trust Policies in AWS CDK EKS Cluster Constructs
AWS CDK (Cloud Development Kit) is a powerful open source framework for defining cloud infrastructure using popular programming languages. It helps developers automate the setup
Episode
00:00:00
00:00:00