<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>CVE on</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/tags/cve/</link><description>Recent content in CVE on</description><generator>Hugo -- gohugo.io</generator><language>en-US</language><lastBuildDate>Thu, 11 Sep 2025 00:00:00 +0000</lastBuildDate><atom:link href="https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/tags/cve/index.xml" rel="self" type="application/rss+xml"/><item><title>Sea-curing Software #1 - Fighting Vulnerabilities</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/comics/fighting-vulnerabilities/</link><pubDate>Tue, 25 Jul 2023 15:35:05 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/comics/fighting-vulnerabilities/</guid><description/></item><item><title>What Are Software Vulnerabilities and CVEs?</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-intro/</link><pubDate>Fri, 30 Jun 2023 19:10:09 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-intro/</guid><description>A software vulnerability is a weakness in a program which, if left unaddressed, may be used by attackers to access, manipulate, or compromise a computer system. Vulnerabilities can be introduced at different stages of development and vary in their scope, criticality, and potential attack vector depending on their root cause. 
As a consequence, software developers spend time and resources triaging, remediating, and patching vulnerabilities to harden their software security and to prevent attackers from exploiting unintended program behavior.</description></item><item><title>Why Care About Software Vulnerabilities?</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-why-care/</link><pubDate>Thu, 13 Jul 2023 19:46:58 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-why-care/</guid><description>Software products are prone to vulnerabilities which, if exploited by an attacker, may negatively impact the systems and consumers relying on them. Attacks against vulnerable software systems can result in the unintended exposure and misuse of sensitive data (like the theft of user account credentials). In other cases, these attacks could affect the provision of a service, or compromise critical infrastructure that relies on the software. Given the considerable threat that they can pose, it is important that developers spend time mitigating vulnerabilities to protect against hackers seeking to exploit them.</description></item><item><title>Infamous Software Vulnerabilities</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/infamous-cves/</link><pubDate>Fri, 21 Jul 2023 19:16:39 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/infamous-cves/</guid><description>Software vulnerabilities vary in their severity – some are difficult to exploit and have minimal implications, while others can be exploited easily, giving an attacker significant leverage over a computer system. In cases where widely-implemented software contains high-severity vulnerabilities, the damage caused by their exploitation can affect millions of developers and services worldwide.
In this article, you will learn how the KEV Catalog tracks known exploited software vulnerabilities, and how it serves as a tool for developers and federal agencies.</description></item><item><title>Software Vulnerability Remediation</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-remediation/</link><pubDate>Mon, 31 Jul 2023 14:04:10 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/software-security/cves/cve-remediation/</guid><description>At worst, a software vulnerability can impose a critical security flaw that warrants attention. Developers care about mitigating software vulnerabilities because their presence may harm the integrity of their product, negatively affect downstream users, or slow down efforts toward meeting regulatory requirements. However, modern software development practices which incorporate third-party packages in addition to newly scripted code can complicate the vulnerability remediation process. Keeping track of how and where vulnerabilities are introduced, as well as what introduced them, is an arduous task when multitudes of dependencies are working together.</description></item><item><title>Strategies for Minimizing your CVE Risk</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/cve-risk/</link><pubDate>Thu, 16 Nov 2023 11:07:52 +0200</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/cve-risk/</guid><description>Common vulnerabilities and exposures (CVEs) are an increasing concern for developers and organizations, which is why Chainguard developed its minimal container images that reduce the attack surface. A new CVE in a widely-used application or a vulnerability scan with numerous positive results can significantly impact security posture, compliance requirements, and development timelines.
Chances are, your software has already been impacted by a CVE. It&amp;rsquo;s likely there are active CVEs in software you are using.</description></item><item><title>CVE remediation for Chainguard Libraries</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/cve-remediation/</link><pubDate>Thu, 11 Sep 2025 00:00:00 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/cve-remediation/</guid><description>CVE remediation is a feature in Chainguard Libraries that provides security protection against critical and high CVEs, while medium or low CVEs are not considered. Applications often rely on older versions of libraries, but upstream maintainers may not apply and release patches for those versions. CVE remediation addresses this gap by applying vulnerability fixes from newer releases to older releases, particularly in cases where maintainers are no longer able to support and provide fixes.</description></item><item><title>How End-of-Life Software Accumulates Vulnerabilities</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/updating-images/how-eol-software-accumulates-cves/</link><pubDate>Wed, 04 Dec 2024 11:07:52 +0200</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/updating-images/how-eol-software-accumulates-cves/</guid><description>Typically, specific versions of software receive updates on a schedule for a set amount of time. Eventually, though, every version of software will stop receiving support. When project maintainers stop providing updates, it&amp;rsquo;s known as the End-of-Life (EOL) stage.
Because it&amp;rsquo;s no longer being actively maintained, software begins to collect vulnerabilities when it reaches EOL. This problem can become compounded when using container images, as they often come with extra components from underlying base images which are all prone to accruing vulnerabilities.</description></item><item><title>How to Use Chainguard Security Advisories</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/security-advisories/how-to-use/</link><pubDate>Wed, 27 Dec 2023 11:07:52 +0200</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/security-advisories/how-to-use/</guid><description>When using scanners such as Grype or Docker Scout to scan for vulnerabilities in Chainguard Containers, you&amp;rsquo;ll often find that there are few or no CVEs present. However, CVEs can sometimes be found in Chainguard Containers, and you may also encounter CVEs if you&amp;rsquo;re using older tags. In these cases, you will likely wish to check Chainguard&amp;rsquo;s security advisories for information on which CVEs will cause security issues in your deployment.</description></item><item><title>How Chainguard Issues Security Advisories</title><link>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/security-advisories/how-chainguard-issues/</link><pubDate>Fri, 26 Jul 2024 18:09:12 +0000</pubDate><guid>https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/staying-secure/security-advisories/how-chainguard-issues/</guid><description>When you scan a newly-built Chainguard Container with a vulnerability scanner, typically, no CVEs will be reported. However, as software packages age, more vulnerabilities are reported and CVEs will begin to accumulate in container images. 
When this happens, Chainguard releases security advisories to communicate these vulnerabilities to downstream image users.
In alignment with the Chainguard Container Product Release Lifecycle, our vulnerability management strategy focuses on the latest versions of any given release track, as these are the versions we actively maintain and secure.</description></item></channel></rss>