Security

When URL parsers disagree (CVE-2023-38633)

Discovery and walkthrough of CVE-2023-38633 in librsvg, when two URL parser implementations (Rust and Glib) disagree on file scheme parsing leading to path traversal.

Zac SimsSep 5, 2023

Security

Discovering Headroll (CVE-2023–0704) in Chromium

Discovery of Headless Chromium security vulnerability, how it works, and mitigations that should be applied to similar configurations

Zac Sims, Rhys ElsmoreApr 5, 2023