7 min read 5 Nov 2019 by Robin Peraglie
5 min read 22 Oct 2019 by Robin Peraglie
5 min read 8 Oct 2019 by Dennis Brinkrolf
6 min read 3 Sep 2019 by Johannes Moritz
Bitbucket is one of the worlds leading version control software allowing millions of developers to manage Git repositories and collaborate on source code. Bitbucket is developed by the Australian software company Atlassian which is also kown for Confluence and Jira. In this blog post we will analyse how a common but often overseen security issue found by RIPS Code Analysis leads to a critical vulnerability in Bitbucket (CVE-2019-3397). The issue is caused by the insecure extraction of a compressed TAR archive.
15 min read 20 Aug 2019 by Robin Peraglie
SuiteCRM, a customer relationship software, is a great first economic choice as CRM software because it is free and open source. However, in this blog post we will see how a vulnerable web application deployed in the internal network of your company can act as a charming entry gateway for any adversary.