DEV Community

Mohamed AboElKheir

Helping teams build secure software

How Reachability Analysis 🔎 can help with open source vulnerabilities mess (Coana as an example)

10 min read
Lessons Learned #4: One error message could expose all your data (FileSender CVE-2024-45186)

5 min read
Lessons Learned #3: Is your random UUID really random? (Account takeover with the sandwich 🥪 attack)

7 min read
Lessons Learned #2: Your new feature could introduce a security vulnerability to your old feature (Clickhouse CVE-2024-22412)

4 min read
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase CVE-2023-38646)

4 min read
How to make “Input validation” easy for your devs

5 min read