Category
How we do endpoint vulnerability management at Canva.
How we validate vendor security at Canva by going beyond compliance.
CVEs in three strange places and the unique problem of safely processing and handling fonts.
Discovery and walkthrough of CVE-2023-38633 in librsvg, where two URL parser implementations (Rust and GLib) disagree on file scheme parsing, leading to path traversal.
Discovery of a Headless Chromium security vulnerability, how it works, and mitigations that should be applied to similar configurations.