Blog Archive

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

15 avril 2019

Enriched content on Snyk’s publicly available vulnerability database

8 avril 2019

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

4 avril 2019

Snyking in - regular expression denial of service vulnerability exploit in the ms package

13 mars 2019

Top ten Docker images contain over 8000 vulnerable paths

7 mars 2019

Snyking in - Directory traversal vulnerability exploit in the st package

25 février 2019

A serious security flaw in runC can result in root privilege escalation in Docker and Kubernetes

13 février 2019

NumPy arbitrary code execution vulnerability

5 février 2019

Severe security vulnerability in Bower’s zip archive extraction

31 janvier 2019

Critical Arbitrary Code Execution Vulnerability Found in Kubernetes

20 décembre 2018

Report Shows the Equifax Breach was "Entirely Preventable"

18 décembre 2018

A post-mortem of the malicious event-stream backdoor

6 décembre 2018

Malicious code found in npm package event-stream downloaded 8 million times in the past 2.5 months

27 novembre 2018

Behind the disclosure: the Zip Slip vulnerability

15 août 2018

How to crash an email server with a single email

1 août 2018

Zip Slip Vulnerability Cheat Sheet

28 juin 2018

Public Disclosure of a Critical Arbitrary File Overwrite Vulnerability: Zip Slip

5 juin 2018

Attacking an FTP Client: MGETting more than you bargained for

4 avril 2018

What’s a known vulnerability?

6 février 2018

Where do security patches come from?

25 janvier 2018

npm Shrinkwrap reloaded: Locking npm Deps with Package-Lock and Yarn.Lock

10 janvier 2018