CVE-2023-41933 - How a Jenkins Plugin Exposed Your Sensitive Data via XXE Attacks
When it comes to DevOps and continuous delivery, Jenkins is one of the most popular tools out there. Its flexibility and massive plugin ecosystem make
CVE-2023-41635 - How XXE Lets Hackers Read Any File on GruppoSCAI RealGimm v1.1.37p38
In this post, we’ll dive deep into a serious vulnerability—CVE-2023-41635—that affects the RealGimm system by GruppoSCAI. If you use RealGimm v1.1.
CVE-2022-48565 - How a plistlib Bug in Python Led to an XXE Security Vulnerability
In early 2023, security researchers identified a serious vulnerability in Python, specifically in its plistlib module, tracked as CVE-2022-48565. This issue made Python code that
CVE-2022-46751 - Understanding and Exploiting XML External Entity (XXE) & XML Injection in Apache Ivy
CVE-2022-46751 is a critical vulnerability affecting all versions of Apache Ivy prior to 2.5.2. The flaw resides in how Ivy handles XML files—
CVE-2023-3823 - The Hidden Risks in PHP’s XML Functions – How Leaky Global State Led to File Disclosure
In mid-2023, security researchers uncovered a subtle yet severe vulnerability in PHP, affecting versions 8. (before 8..30), 8.1 (before 8.1.22), and