/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\String;

if (!\function_exists(u::class)) {
    function u(?string $string = ''): UnicodeString
    {
        return new UnicodeString($string ?? '');
    }
}

if (!\function_exists(b::class)) {
    function b(?string $string = ''): ByteString
    {
        return new ByteString($string ?? '');
    }
}

if (!\function_exists(s::class)) {
    /**
     * @return UnicodeString|ByteString
     */
    function s(?string $string = ''): AbstractString
    {
        $string = $string ?? '';

        return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string);
    }
}
<!DOCTYPE html>
<html lang="en-US">

<head>
	<meta charset='UTF-8'>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="profile" href="http://gmpg.org/xfn/11">
		<title>Flaw &#8211; Page 8 &#8211; OWASP Jakarta</title>
<meta name='robots' content='max-image-preview:large' />
	<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>
	<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Feed" href="https://owasp.or.id/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Comments Feed" href="https://owasp.or.id/comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Flaw Tag Feed" href="https://owasp.or.id/tag/flaw/feed/" />
<script type="text/javascript">
/* <![CDATA[ */
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/owasp.or.id\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.8.1"}};
/*! This file is auto-generated */
!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\ud83d\udd25","\ud83d\udc26\u200b\ud83d\udd25")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);
/* ]]> */
</script>
<style id='wp-emoji-styles-inline-css' type='text/css'>

	img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}
</style>
<link rel='stylesheet' id='wp-block-library-css' href='https://owasp.or.id/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1' type='text/css' media='all' />
<style id='classic-theme-styles-inline-css' type='text/css'>
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
</style>
<style id='global-styles-inline-css' type='text/css'>
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--accent: #e91e63;--wp--preset--color--background-color: #E5E5E5;--wp--preset--color--header-gradient: #a81d84;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:root :where(.is-layout-flow) > :first-child{margin-block-start: 0;}:root :where(.is-layout-flow) > :last-child{margin-block-end: 0;}:root :where(.is-layout-flow) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-constrained) > :first-child{margin-block-start: 0;}:root :where(.is-layout-constrained) > :last-child{margin-block-end: 0;}:root :where(.is-layout-constrained) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-flex){gap: 24px;}:root :where(.is-layout-grid){gap: 24px;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-color{color: var(--wp--preset--color--accent) !important;}.has-background-color-color{color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-color{color: var(--wp--preset--color--header-gradient) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-background-color{background-color: var(--wp--preset--color--accent) !important;}.has-background-color-background-color{background-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-background-color{background-color: var(--wp--preset--color--header-gradient) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-border-color{border-color: var(--wp--preset--color--accent) !important;}.has-background-color-border-color{border-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-border-color{border-color: var(--wp--preset--color--header-gradient) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
:root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;}
</style>
<link rel='stylesheet' id='bootstrap-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='hestia-font-sizes-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.2.11' type='text/css' media='all' />
<link rel='stylesheet' id='hestia_style-css' href='https://owasp.or.id/wp-content/themes/hestia/style.min.css?ver=3.2.11' type='text/css' media='all' />
<style id='hestia_style-inline-css' type='text/css'>
.hestia-top-bar,.hestia-top-bar .widget.widget_shopping_cart .cart_list{background-color:#363537}.hestia-top-bar .widget .label-floating input[type=search]:-webkit-autofill{-webkit-box-shadow:inset 0 0 0 9999px #363537}.hestia-top-bar,.hestia-top-bar .widget .label-floating input[type=search],.hestia-top-bar .widget.widget_search form.form-group:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_shopping_cart:before{color:#fff}.hestia-top-bar .widget .label-floating input[type=search]{-webkit-text-fill-color:#fff !important}.hestia-top-bar div.widget.widget_shopping_cart:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_search form.form-group:before{background-color:#fff}.hestia-top-bar a,.hestia-top-bar .top-bar-nav li a{color:#fff}.hestia-top-bar ul li a[href*="mailto:"]:before,.hestia-top-bar ul li a[href*="tel:"]:before{background-color:#fff}.hestia-top-bar a:hover,.hestia-top-bar .top-bar-nav li a:hover{color:#eee}.hestia-top-bar ul li:hover a[href*="mailto:"]:before,.hestia-top-bar ul li:hover a[href*="tel:"]:before{background-color:#eee}
:root{--hestia-primary-color:#e91e63}a,.navbar .dropdown-menu li:hover>a,.navbar .dropdown-menu li:focus>a,.navbar .dropdown-menu li:active>a,.navbar .navbar-nav>li .dropdown-menu li:hover>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:hover,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:focus,a:hover,.card-blog a.moretag:hover,.card-blog a.more-link:hover,.widget a:hover,.has-text-color.has-accent-color,p.has-text-color a{color:#e91e63}.svg-text-color{fill:#e91e63}.pagination span.current,.pagination span.current:focus,.pagination span.current:hover{border-color:#e91e63}button,button:hover,.woocommerce .track_order button[type="submit"],.woocommerce .track_order button[type="submit"]:hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="button"],input[type="button"]:hover,input[type="submit"],input[type="submit"]:hover,input#searchsubmit,.pagination span.current,.pagination span.current:focus,.pagination span.current:hover,.btn.btn-primary,.btn.btn-primary:link,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary.active:focus,.btn.btn-primary.active:hover,.btn.btn-primary:active:hover,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.hestia-sidebar-open.btn.btn-rose:focus,.hestia-sidebar-close.btn.btn-rose:focus,.label.label-primary,.hestia-work .portfolio-item:nth-child(6n+1) .label,.nav-cart .nav-cart-content .widget .buttons .button,.has-accent-background-color[class*="has-background"]{background-color:#e91e63}@media(max-width:768px){.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus,.navbar .navbar-nav .dropdown .dropdown-menu li a:hover,.navbar .navbar-nav .dropdown .dropdown-menu li a:focus,.navbar button.navbar-toggle:hover,.navbar .navbar-nav li:hover>a i{color:#e91e63}}body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close),body:not(.woocommerce-page) .button:not([class^="fl-"]):not(hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):not(.product_type_grouped):not(.product_type_external),div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,input[type="submit"],input[type="button"],.btn.btn-primary,.widget_product_search button[type="submit"],.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.everest-forms button[type=submit].everest-forms-submit-button{-webkit-box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12);box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12)}.card .header-primary,.card .content-primary,.everest-forms button[type=submit].everest-forms-submit-button{background:#e91e63}body:not(.woocommerce-page) .button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):hover,body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close):hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="submit"]:hover,input[type="button"]:hover,input#searchsubmit:hover,.widget_product_search button[type="submit"]:hover,.pagination span.current,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.pagination span.current:hover,.everest-forms button[type=submit].everest-forms-submit-button:hover,.everest-forms button[type=submit].everest-forms-submit-button:focus,.everest-forms button[type=submit].everest-forms-submit-button:active{-webkit-box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);color:#fff}.form-group.is-focused .form-control{background-image:-webkit-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:-webkit-linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2))}.navbar:not(.navbar-transparent) li:not(.btn):hover>a,.navbar li.on-section:not(.btn)>a,.navbar.full-screen-menu.navbar-transparent li:not(.btn):hover>a,.navbar.full-screen-menu .navbar-toggle:hover,.navbar:not(.navbar-transparent) .nav-cart:hover,.navbar:not(.navbar-transparent) .hestia-toggle-search:hover{color:#e91e63}.header-filter-gradient{background:linear-gradient(45deg,rgba(168,29,132,1) 0,rgb(234,57,111) 100%)}.has-text-color.has-header-gradient-color{color:#a81d84}.has-header-gradient-background-color[class*="has-background"]{background-color:#a81d84}.has-text-color.has-background-color-color{color:#E5E5E5}.has-background-color-background-color[class*="has-background"]{background-color:#E5E5E5}
.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){padding-top:15px;padding-bottom:15px;padding-left:33px;padding-right:33px}
:root{--hestia-button-border-radius:3px}.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,input[type="submit"].search-submit,.hestia-view-cart-wrapper .added_to_cart.wc-forward,.woocommerce-product-search button,.woocommerce-cart .actions .button,#secondary div[id^=woocommerce_price_filter] .button,.woocommerce div[id^=woocommerce_widget_cart].widget .buttons .button,.searchform input[type=submit],.searchform button,.search-form:not(.media-toolbar-primary) input[type=submit],.search-form:not(.media-toolbar-primary) button,.woocommerce-product-search input[type=submit],.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){border-radius:3px}
@media(min-width:769px){.page-header.header-small .hestia-title,.page-header.header-small .title,h1.hestia-title.title-in-content,.main article.section .has-title-font-size{font-size:42px}}
</style>
<link rel='stylesheet' id='hestia_fonts-css' href='https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&#038;subset=latin%2Clatin-ext&#038;ver=3.2.11' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script>
<link rel="https://api.w.org/" href="https://owasp.or.id/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://owasp.or.id/wp-json/wp/v2/tags/113" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://owasp.or.id/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 6.8.1" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt-150x150.png" sizes="32x32" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
<meta name="msapplication-TileImage" content="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
</head>

<body class="archive paged tag tag-flaw tag-113 wp-custom-logo paged-8 tag-paged-8 wp-theme-hestia header-layout-default">
		<div class="wrapper  default ">
		<header class="header ">
			<div style="display: none"></div>		<nav class="navbar navbar-default  hestia_left navbar-not-transparent navbar-fixed-top">
						<div class="container">
						<div class="navbar-header">
			<div class="title-logo-wrapper">
				<a class="navbar-brand" href="https://owasp.or.id/"
						title="OWASP Jakarta">
					<img  src="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" alt="OWASP Jakarta" width="1667" height="563"></a>
			</div>
								<div class="navbar-toggle-wrapper">
						<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navigation">
								<span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>				<span class="sr-only">Toggle Navigation</span>
			</button>
					</div>
				</div>
		<div id="main-navigation" class="collapse navbar-collapse"><ul id="menu-home" class="nav navbar-nav"><li id="menu-item-386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-386"><a title="Home" href="https://owasp.or.id">Home</a></li>
<li id="menu-item-383" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-383 dropdown"><a title="Meetup" href="https://owasp.or.id/meetup/" class="dropdown-toggle">Meetup <span class="caret-wrap"><span class="caret"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="chevron-down" class="svg-inline--fa fa-chevron-down fa-w-14" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z"></path></svg></span></span></a>
<ul role="menu" class="dropdown-menu">
	<li id="menu-item-457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-457"><a title="Meetup.com" href="https://www.meetup.com/owasp-jakarta-chapter/">Meetup.com</a></li>
</ul>
</li>
<li id="menu-item-385" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-385"><a title="Sitemap" href="https://owasp.or.id/sitemap_index.xml">Sitemap</a></li>
<li id="menu-item-384" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-384"><a title="Contact" href="https://owasp.or.id/contact/">Contact</a></li>
</ul></div>			</div>
					</nav>
				</header>
<div id="primary" class="boxed-layout-header page-header header-small" data-parallax="active" ><div class="container"><div class="row"><div class="col-md-10 col-md-offset-1 text-center"><h1 class="hestia-title">Flaw</h1></div></div></div><div class="header-filter" style="background-image: url(https://owasp.or.id/wp-content/uploads/2023/10/cropped-owaspjkt3.webp);"></div></div>
<div class="main  main-raised ">
	<div class="hestia-blogs" data-layout="full-width">
		<div class="container">
			<div class="row">
								<div class="col-md-10 col-md-offset-1 blog-posts-wrap">
					<article 
		id="post-1715" 
		class="card card-blog card-plain post-1715 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-critical tag-exposes tag-flaw tag-jetbrains tag-onpremises tag-servers tag-takeover tag-teamcity"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/02/07/critical-jetbrains-teamcity-on-premises-flaw-exposes-servers-to-takeover/" title="Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/02/Critical-JetBrains-TeamCity-On-Premises-Flaw-Exposes-Servers-to-Takeover-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="TeamCity On-Premises Flaw" decoding="async" fetchpriority="high" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/02/07/critical-jetbrains-teamcity-on-premises-flaw-exposes-servers-to-takeover/" title="Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover" rel="bookmark">Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover</a></h2><div class="card-description entry-summary "><p>Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover Feb 07, 2024NewsroomCybersecurity / Software Security JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked<a class="moretag" href="https://owasp.or.id/2024/02/07/critical-jetbrains-teamcity-on-premises-flaw-exposes-servers-to-takeover/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/02/07/critical-jetbrains-teamcity-on-premises-flaw-exposes-servers-to-takeover/"><time class="entry-date published" datetime="2024-02-07T23:08:33+00:00" content="2024-02-07">1 year</time> ago </a></div></div></div></article><article 
		id="post-1705" 
		class="card card-blog card-plain post-1705 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-breach tag-chinese tag-dutch tag-exploited tag-flaw tag-fortigate tag-hackers tag-military tag-network"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/02/07/chinese-hackers-exploited-fortigate-flaw-to-breach-dutch-military-network/" title="Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/02/Chinese-Hackers-Exploited-FortiGate-Flaw-to-Breach-Dutch-Military-Network-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Dutch Military Network" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/02/07/chinese-hackers-exploited-fortigate-flaw-to-breach-dutch-military-network/" title="Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network" rel="bookmark">Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network</a></h2><div class="card-description entry-summary "><p>Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network Feb 07, 2024NewsroomCyber Espionage / Network Security Chinese state-backed hackers broke into a computer network that&#8217;s used by the Dutch armed forces by targeting Fortinet FortiGate devices. &#8220;This [computer network] was used for unclassified research and development (R&amp;D),&#8221; the Dutch<a class="moretag" href="https://owasp.or.id/2024/02/07/chinese-hackers-exploited-fortigate-flaw-to-breach-dutch-military-network/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/02/07/chinese-hackers-exploited-fortigate-flaw-to-breach-dutch-military-network/"><time class="entry-date published" datetime="2024-02-07T08:00:06+00:00" content="2024-02-07">1 year</time> ago </a></div></div></div></article><article 
		id="post-1699" 
		class="card card-blog card-plain post-1699 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-exploitation tag-flaw tag-ivanti tag-mass tag-products tag-ssrf tag-undergoes tag-vpn"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/02/06/recent-ssrf-flaw-in-ivanti-vpn-products-undergoes-mass-exploitation/" title="Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/02/Recent-SSRF-Flaw-in-Ivanti-VPN-Products-Undergoes-Mass-Exploitation-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Ivanti VPN Products" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/02/06/recent-ssrf-flaw-in-ivanti-vpn-products-undergoes-mass-exploitation/" title="Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation" rel="bookmark">Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation</a></h2><div class="card-description entry-summary "><p>Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation Feb 06, 2024NewsroomCybersecurity / Vulnerability A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique<a class="moretag" href="https://owasp.or.id/2024/02/06/recent-ssrf-flaw-in-ivanti-vpn-products-undergoes-mass-exploitation/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/02/06/recent-ssrf-flaw-in-ivanti-vpn-products-undergoes-mass-exploitation/"><time class="entry-date published" datetime="2024-02-06T22:55:59+00:00" content="2024-02-06">1 year</time> ago </a></div></div></div></article><article 
		id="post-1673" 
		class="card card-blog card-plain post-1673 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-banking tag-exploiting tag-flaw tag-mispadu tag-smartscreen tag-trojan tag-windows"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/02/05/new-mispadu-banking-trojan-exploiting-windows-smartscreen-flaw/" title="New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/02/New-Mispadu-Banking-Trojan-Exploiting-Windows-SmartScreen-Flaw-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Mispadu Banking Trojan" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/02/05/new-mispadu-banking-trojan-exploiting-windows-smartscreen-flaw/" title="New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw" rel="bookmark">New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw</a></h2><div class="card-description entry-summary "><p>New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw Feb 05, 2024NewsroomMalware / Financial Security The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that<a class="moretag" href="https://owasp.or.id/2024/02/05/new-mispadu-banking-trojan-exploiting-windows-smartscreen-flaw/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/02/05/new-mispadu-banking-trojan-exploiting-windows-smartscreen-flaw/"><time class="entry-date published" datetime="2024-02-05T07:35:26+00:00" content="2024-02-05">1 year</time> ago </a></div></div></div></article><article 
		id="post-1637" 
		class="card card-blog card-plain post-1637 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-access tag-attackers tag-distros tag-flaw tag-glibc tag-grants tag-linux tag-major tag-root"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/01/31/new-glibc-flaw-grants-attackers-root-access-on-major-linux-distros/" title="New Glibc Flaw Grants Attackers Root Access on Major Linux Distros"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/01/New-Glibc-Flaw-Grants-Attackers-Root-Access-on-Major-Linux-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Linux Hacking" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/31/new-glibc-flaw-grants-attackers-root-access-on-major-linux-distros/" title="New Glibc Flaw Grants Attackers Root Access on Major Linux Distros" rel="bookmark">New Glibc Flaw Grants Attackers Root Access on Major Linux Distros</a></h2><div class="card-description entry-summary "><p>New Glibc Flaw Grants Attackers Root Access on Major Linux Distros Jan 31, 2024NewsroomVulnerability / Endpoint Security Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer<a class="moretag" href="https://owasp.or.id/2024/01/31/new-glibc-flaw-grants-attackers-root-access-on-major-linux-distros/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/31/new-glibc-flaw-grants-attackers-root-access-on-major-linux-distros/"><time class="entry-date published" datetime="2024-01-31T06:38:01+00:00" content="2024-01-31">1 year</time> ago </a></div></div></div></article><article 
		id="post-1633" 
		class="card card-blog card-plain post-1633 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-creation tag-critical tag-file tag-flaw tag-gitlab tag-overwrite tag-upgrade tag-urgent tag-workspace"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/01/30/urgent-upgrade-gitlab-critical-workspace-creation-flaw-allows-file-overwrite/" title="URGENT: Upgrade GitLab &#8211; Critical Workspace Creation Flaw Allows File Overwrite"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/01/URGENT-Upgrade-GitLab-Critical-Workspace-Creation-Flaw-Allows-File-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="GitLab" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/30/urgent-upgrade-gitlab-critical-workspace-creation-flaw-allows-file-overwrite/" title="URGENT: Upgrade GitLab &#8211; Critical Workspace Creation Flaw Allows File Overwrite" rel="bookmark">URGENT: Upgrade GitLab &#8211; Critical Workspace Creation Flaw Allows File Overwrite</a></h2><div class="card-description entry-summary "><p>URGENT: Upgrade GitLab &#8211; Critical Workspace Creation Flaw Allows File Overwrite Jan 30, 2024NewsroomDevSecOps / Vulnerability GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as<a class="moretag" href="https://owasp.or.id/2024/01/30/urgent-upgrade-gitlab-critical-workspace-creation-flaw-allows-file-overwrite/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/30/urgent-upgrade-gitlab-critical-workspace-creation-flaw-allows-file-overwrite/"><time class="entry-date published" datetime="2024-01-30T21:34:43+00:00" content="2024-01-30">1 year</time> ago </a></div></div></div></article><article 
		id="post-1604" 
		class="card card-blog card-plain post-1604 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-cisco tag-comms tag-critical tag-flaw tag-hackers tag-lets tag-remotely tag-systems tag-unified"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/01/26/critical-cisco-flaw-lets-hackers-remotely-take-over-unified-comms-systems/" title="Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/01/Critical-Cisco-Flaw-Lets-Hackers-Remotely-Take-Over-Unified-Comms-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Cisco" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/26/critical-cisco-flaw-lets-hackers-remotely-take-over-unified-comms-systems/" title="Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems" rel="bookmark">Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems</a></h2><div class="card-description entry-summary "><p>Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems Jan 26, 2024NewsroomNetwork Security / Vulnerability Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device.<a class="moretag" href="https://owasp.or.id/2024/01/26/critical-cisco-flaw-lets-hackers-remotely-take-over-unified-comms-systems/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/26/critical-cisco-flaw-lets-hackers-remotely-take-over-unified-comms-systems/"><time class="entry-date published" datetime="2024-01-26T20:51:44+00:00" content="2024-01-26">1 year</time> ago </a></div></div></div></article><article 
		id="post-1544" 
		class="card card-blog card-plain post-1544 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-activemq tag-apache tag-attacks tag-exploited tag-flaw tag-godzilla tag-shell tag-web"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/01/22/apache-activemq-flaw-exploited-in-new-godzilla-web-shell-attacks/" title="Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/01/Apache-ActiveMQ-Flaw-Exploited-in-New-Godzilla-Web-Shell-Attacks-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/22/apache-activemq-flaw-exploited-in-new-godzilla-web-shell-attacks/" title="Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks" rel="bookmark">Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks</a></h2><div class="card-description entry-summary "><p>Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks Jan 22, 2024NewsroomVulnerability / Malware Cybersecurity researchers are warning of a &#8220;notable increase&#8221; in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. &#8220;The web shells are concealed within<a class="moretag" href="https://owasp.or.id/2024/01/22/apache-activemq-flaw-exploited-in-new-godzilla-web-shell-attacks/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/22/apache-activemq-flaw-exploited-in-new-godzilla-web-shell-attacks/"><time class="entry-date published" datetime="2024-01-22T04:55:06+00:00" content="2024-01-22">1 year</time> ago </a></div></div></div></article><article 
		id="post-1543" 
		class="card card-blog card-plain post-1543 post type-post status-publish format-standard hentry category-news tag-chinese tag-flaw tag-hackers tag-silently tag-vmware tag-weaponized tag-years tag-zeroday"><div class="row "><div class= "col-sm-12"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/20/chinese-hackers-silently-weaponized-vmware-zero-day-flaw-for-2-years/" title="Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years" rel="bookmark">Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years</a></h2><div class="card-description entry-summary "><p>Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server<a class="moretag" href="https://owasp.or.id/2024/01/20/chinese-hackers-silently-weaponized-vmware-zero-day-flaw-for-2-years/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/20/chinese-hackers-silently-weaponized-vmware-zero-day-flaw-for-2-years/"><time class="entry-date published" datetime="2024-01-20T13:36:24+00:00" content="2024-01-20">1 year</time> ago </a></div></div></div></article><article 
		id="post-1520" 
		class="card card-blog card-plain post-1520 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attacks tag-chain tag-cicd tag-exposed tag-flaw tag-poisoning tag-supply tag-tensorflow"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/01/18/tensorflow-ci-cd-flaw-exposed-supply-chain-to-poisoning-attacks/" title="TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/01/TensorFlow-CICD-Flaw-Exposed-Supply-Chain-to-Poisoning-Attacks-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Poisoning Attacks" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/01/18/tensorflow-ci-cd-flaw-exposed-supply-chain-to-poisoning-attacks/" title="TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks" rel="bookmark">TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks</a></h2><div class="card-description entry-summary "><p>TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks Jan 18, 2024NewsroomSupply Chain Attacks / AI Security Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to<a class="moretag" href="https://owasp.or.id/2024/01/18/tensorflow-ci-cd-flaw-exposed-supply-chain-to-poisoning-attacks/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/01/18/tensorflow-ci-cd-flaw-exposed-supply-chain-to-poisoning-attacks/"><time class="entry-date published" datetime="2024-01-18T13:07:52+00:00" content="2024-01-18">1 year</time> ago </a></div></div></div></article>
	<nav class="navigation pagination" aria-label="Posts pagination">
		<h2 class="screen-reader-text">Posts pagination</h2>
		<div class="nav-links"><a class="prev page-numbers" href="https://owasp.or.id/tag/flaw/page/7/">Previous</a>
<a class="page-numbers" href="https://owasp.or.id/tag/flaw/">1</a>
<span class="page-numbers dots">&hellip;</span>
<a class="page-numbers" href="https://owasp.or.id/tag/flaw/page/7/">7</a>
<span aria-current="page" class="page-numbers current">8</span>
<a class="page-numbers" href="https://owasp.or.id/tag/flaw/page/9/">9</a>
<a class="page-numbers" href="https://owasp.or.id/tag/flaw/page/10/">10</a>
<a class="next page-numbers" href="https://owasp.or.id/tag/flaw/page/9/">Next</a></div>
	</nav>				</div>
							</div>
		</div>
	</div>
</div>
					<footer class="footer footer-black footer-big">
						<div class="container">
																<div class="hestia-bottom-footer-content"><ul class="footer-menu pull-left"><li class="page_item page-item-17 current_page_parent"><a href="https://owasp.or.id/blog/">Blog</a></li>
<li class="page_item page-item-16"><a href="https://owasp.or.id/contact/">Contact</a></li>
<li class="page_item page-item-998"><a href="https://owasp.or.id/gdpr/">GDPR</a></li>
<li class="page_item page-item-345"><a href="https://owasp.or.id/meetup/">Meetup</a></li>
<li class="page_item page-item-360"><a href="https://owasp.or.id/sitemap/">SiteMap</a></li>
</ul>
<div class="copyright pull-right">Hestia | Developed by <a href="https://themeisle.com" rel="nofollow">ThemeIsle</a></div></div>			</div>
					</footer>
			</div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/hestia\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2" id="jquery-bootstrap-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script>
<script type="text/javascript" id="hestia_scripts-js-extra">
/* <![CDATA[ */
var requestpost = {"ajaxurl":"https:\/\/owasp.or.id\/wp-admin\/admin-ajax.php","disable_autoslide":"","masonry":""};
/* ]]> */
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/js/script.min.js?ver=3.2.11" id="hestia_scripts-js"></script>
</body>
</html>