Trust Boundary Semantic Gaps: A Multi-dimensional Analysis and Mitigation for Security-by-Design
Pith reviewed 2026-07-03 11:29 UTC · model grok-4.3
The pith
Artifacts passing syntactic checks at trust boundaries can still violate the receiving domain's security requirements.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
A Trust Boundary Semantic Gap exists when an artifact crosses a trust boundary, passes correctly implemented syntactic validation, yet fails to satisfy the receiving domain's security properties. The authors organize such gaps into the MDTBSG four-dimensional model and introduce the TBSAM framework, which extracts gaps from design specifications, prioritizes them, separates locally originating gaps from propagated ones, and identifies interrupting architectural controls. Retrospective application to the SolarWinds supply-chain attack demonstrates how the method makes receiving-domain assumptions explicit.
What carries the argument
Trust Boundary Semantic Gap (TBSG): the condition in which syntactic validation succeeds while semantic security properties required by the receiving domain remain unestablished.
If this is right
- Design specifications must record the semantic properties the receiving domain expects, not only the syntactic checks performed.
- Gaps identified at one boundary can be traced backward to their originating boundary rather than treated only locally.
- Candidate architectural controls can be assigned to each gap to interrupt propagation paths, as illustrated in the SolarWinds reconstruction.
- Syntactic validation remains necessary but must be supplemented by explicit semantic checks at trust boundaries.
Where Pith is reading between the lines
- The framework could be extended to generate machine-readable trust-boundary contracts that tools might check automatically during design reviews.
- Similar semantic gaps may appear in non-traditional boundaries such as API contracts between microservices or between models and their training data pipelines.
- Adoption would require updates to how security standards document assumptions across organizational or vendor boundaries.
Load-bearing premise
The 75 selected security incidents accurately represent and categorize the full range of Trust Boundary Semantic Gaps without material bias or omission.
What would settle it
A documented incident at a trust boundary in which syntactic validation alone proved sufficient to block compromise, or a new incident type that cannot be placed in any of the four MDTBSG dimensions.
Figures
read the original abstract
Modern systems use format-, protocol-, and signature-based mechanisms before accepting artifacts across trust boundaries. These mechanisms are necessary: they show that an artifact is well formed, protocol-compliant, or properly authenticated. They do not, however, show that the artifact satisfies the semantic security properties required by the receiving domain. A signed update or an authenticated token may therefore be accepted yet enable compromise. We call this condition a Trust Boundary Semantic Gap (TBSG): an artifact crosses a trust boundary and passes correctly implemented syntactic validation, but the assertions established by that pass are insufficient to satisfy the receiving domain's security requirements. TBSG concerns what remains unestablished after a syntactic pass, not absent checks or implementation bugs. Analyzing 75 publicly reported security incidents (2014-2025) at the boundary level, we organize semantic misalignment into a four-dimensional analysis model: Identity, Spatial, Temporal, and Interpretation (MDTBSG). Building on it, we develop Trust Boundary Semantic Analysis and Mitigation (TBSAM), a design-time framework that identifies TBSGs from design specifications, prioritizes them, traces propagated gaps to their originating boundary, and maps each to candidate architectural controls. We apply TBSAM to a retrospective reconstruction of the SolarWinds/SUNBURST supply-chain attack, showing how it makes receiving-domain assumptions explicit, separates locally originating from propagated gaps, and identifies controls that interrupt the path. These results suggest that syntactic validation, while necessary, is not sufficient at trust boundaries, and that making trust-boundary assumptions explicit can complement Security-by-Design.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper defines Trust Boundary Semantic Gap (TBSG) as the condition where an artifact passes syntactic validation (format, protocol, signature) at a trust boundary but fails to satisfy the receiving domain's semantic security properties. It analyzes 75 publicly reported incidents (2014-2025) to derive a four-dimensional model (MDTBSG: Identity, Spatial, Temporal, Interpretation), then introduces the TBSAM framework for design-time identification, prioritization, tracing, and mitigation of TBSGs. The framework is applied retrospectively to the SolarWinds/SUNBURST attack to demonstrate explicit assumption-making and control mapping. The central claim is that syntactic validation is necessary but insufficient at trust boundaries and that TBSAM complements Security-by-Design.
Significance. If the empirical categorization is robust, the work offers a structured lens for surfacing unstated semantic assumptions at trust boundaries, which are often implicit in current Security-by-Design practices. The SolarWinds reconstruction provides a concrete illustration of separating originating versus propagated gaps and mapping to architectural controls. The approach is falsifiable in principle via further incident studies or controlled design exercises, though its novelty relative to existing trust-boundary and assumption-tracking literature requires clearer positioning.
major comments (2)
- [Analysis of 75 incidents] The section describing the analysis of 75 incidents (referenced in the abstract and the paragraph on organizing semantic misalignment): no selection criteria, inclusion/exclusion rules, search methodology, or inter-rater process for mapping incidents to the four MDTBSG dimensions are provided. This is load-bearing for the central claim, as the MDTBSG model and subsequent TBSAM framework are derived directly from this categorization; without transparent criteria, the risk of post-hoc fitting cannot be assessed.
- [Definition of TBSG] The definition of TBSG (abstract and introduction): the claim that TBSG concerns only what remains unestablished after a correct syntactic pass, explicitly excluding implementation bugs and absent checks, is not accompanied by a decision procedure or examples showing how borderline cases (e.g., a missing semantic check that could be viewed as either absent or unestablished) are classified. This distinction is load-bearing for separating TBSG from ordinary vulnerabilities.
minor comments (2)
- [Abstract] The abstract states the time range 2014-2025 but does not indicate whether the 75 incidents are enumerated in a table or appendix with per-incident dimension assignments; adding such a table would improve verifiability.
- [TBSAM framework] The TBSAM framework description would benefit from a small worked example (beyond the high-level SolarWinds reconstruction) showing the tracing and propagation steps on a minimal design specification.
Simulated Author's Rebuttal
We thank the referee for the thoughtful and constructive report. The two major comments identify areas where additional transparency and operational detail will strengthen the manuscript. We address each below and will incorporate revisions to improve methodological clarity and definitional precision while preserving the paper's core contributions on TBSG, MDTBSG, and TBSAM.
read point-by-point responses
-
Referee: [Analysis of 75 incidents] The section describing the analysis of 75 incidents (referenced in the abstract and the paragraph on organizing semantic misalignment): no selection criteria, inclusion/exclusion rules, search methodology, or inter-rater process for mapping incidents to the four MDTBSG dimensions are provided. This is load-bearing for the central claim, as the MDTBSG model and subsequent TBSAM framework are derived directly from this categorization; without transparent criteria, the risk of post-hoc fitting cannot be assessed.
Authors: We agree that explicit documentation of the incident analysis methodology is necessary for readers to evaluate the robustness of the derived MDTBSG model. The current manuscript states that the dimensions were obtained from analysis of 75 publicly reported incidents but does not provide the requested procedural details. In the revised version we will insert a dedicated subsection (likely 3.2 or equivalent) that specifies: search sources (NVD, vendor security bulletins, and public incident reports from 2014-2025), inclusion criteria (incidents in which an artifact crossed a trust boundary after correct syntactic validation yet produced a semantic security failure in the receiving domain), exclusion criteria (pure implementation bugs without boundary crossing, or incidents lacking sufficient public detail), and inter-rater process (independent mapping by two authors followed by consensus discussion, with disagreement rate reported). This addition will allow assessment of post-hoc fitting risk without changing the reported incidents or dimensions. revision: yes
-
Referee: [Definition of TBSG] The definition of TBSG (abstract and introduction): the claim that TBSG concerns only what remains unestablished after a correct syntactic pass, explicitly excluding implementation bugs and absent checks, is not accompanied by a decision procedure or examples showing how borderline cases (e.g., a missing semantic check that could be viewed as either absent or unestablished) are classified. This distinction is load-bearing for separating TBSG from ordinary vulnerabilities.
Authors: We accept that the boundary between TBSG and other vulnerability classes requires a clearer decision procedure and illustrative cases. The manuscript already states that TBSG applies when syntactic validation succeeds yet the receiving domain's semantic security properties remain unsatisfied, but it does not supply operational guidance for borderline situations. In revision we will augment the definition paragraph in the introduction with (1) a short decision procedure (verify syntactic pass occurred correctly; confirm that the validation does not establish the required semantic assertions; classify as TBSG only if both hold) and (2) three concrete examples distinguishing TBSG from absent checks or bugs (e.g., correctly signed update lacking provenance verification versus no signature check at all). These additions will make the separation from ordinary vulnerabilities more reproducible while leaving the core definition unchanged. revision: yes
Circularity Check
No significant circularity; empirical derivation from external incidents
full rationale
The paper's chain proceeds from an explicit definition of TBSG (syntactic pass succeeds but semantic properties remain unestablished), through analysis of 75 external publicly reported incidents (2014-2025) to induce the four MDTBSG dimensions, then to the TBSAM framework built on that model, and finally to retrospective application on SolarWinds. No step reduces a claimed result to its inputs by construction: the dimensions are presented as an organization of observed misalignments rather than presupposed categories into which incidents are forced; no fitted parameters are relabeled as predictions; no self-citations serve as load-bearing uniqueness theorems; and no equations or ansatzes are involved. The derivation remains self-contained as inductive analysis of independent incident data.
Axiom & Free-Parameter Ledger
axioms (1)
- domain assumption The 75 incidents provide a sufficient basis for deriving a general four-dimensional model of semantic misalignments.
invented entities (3)
-
Trust Boundary Semantic Gap (TBSG)
no independent evidence
-
MDTBSG model
no independent evidence
-
TBSAM framework
no independent evidence
Reference graph
Works this paper leans on
-
[1]
Threat modeling process,
OW ASP Foundation, “Threat modeling process,” https://owasp.org/ www-community/Threat_Modeling_Process, 2023
2023
-
[2]
The threats to our products,
L. Kohnfelder and P. Garg, “The threats to our products,” Microsoft internal document, 1999. [Online]. Available: https: //adam.shostack.org/microsoft/The-Threats-To-Our-Products.docx
1999
-
[3]
Shostack,Threat Modeling: Designing for Security
A. Shostack,Threat Modeling: Designing for Security. John Wiley & Sons, 2014
2014
-
[4]
Supply-chain levels for software artifacts (SLSA),
OpenSSF SLSA Working Group, “Supply-chain levels for software artifacts (SLSA),” https://slsa.dev/spec/v1.0, 2023
2023
-
[5]
Zero trust architecture,
S. Rose, O. Borchert, S. Mitchell, and S. Connelly, “Zero trust architecture,” NIST, Tech. Rep. SP 800-207, 2020
2020
-
[6]
The high-level benefits of low-level sandboxing,
M. Sammler, D. Garg, D. Dreyer, and T. Litak, “The high-level benefits of low-level sandboxing,”Proc. ACM Program. Lang., vol. 4, no. POPL, pp. 1–32, 2019
2019
-
[7]
Guidelines for API protection for cloud-native systems,
R. Chandramouli and Z. Butcher, “Guidelines for API protection for cloud-native systems,” NIST, Tech. Rep. SP 800-228, 2025
2025
-
[8]
SSAC report on domain name registration data validation,
ICANN Security and Stability Advisory Committee, “SSAC report on domain name registration data validation,” ICANN, Tech. Rep. SAC058, 2013
2013
-
[9]
Input validation cheat sheet,
OW ASP Foundation, “Input validation cheat sheet,” https://cheatshe etseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html, 2024
2024
-
[10]
Acto: Automatic end-to-end testing for operation correctness of cloud system management,
J. T. Gu, X. Sun, W. Zhang, Y . Jiang, C. Wang, M. Vaziri, O. Le- gunsen, and T. Xu, “Acto: Automatic end-to-end testing for operation correctness of cloud system management,” inProc. ACM SOSP, 2023, pp. 96–112
2023
-
[11]
Synthesis of Code-Reuse attacks from p-code programs,
M. DenHoed and T. Melham, “Synthesis of Code-Reuse attacks from p-code programs,” inProc. USENIX Security Symp., 2025, pp. 395– 411
2025
-
[12]
Nail: A practical interface generator for data formats,
J. Bangert and N. Zeldovich, “Nail: A practical interface generator for data formats,” inProc. IEEE Security and Privacy Workshops (SPW), 2014, pp. 158–166
2014
-
[13]
A virtual machine introspection based architecture for intrusion detection,
T. Garfinkel and M. Rosenblum, “A virtual machine introspection based architecture for intrusion detection,” inProc. NDSS, 2003, pp. 191–206
2003
-
[14]
Space traveling across VM: Automatically bridging the semantic gap in virtual machine introspection via online kernel data redirection,
Y . Fu and Z. Lin, “Space traveling across VM: Automatically bridging the semantic gap in virtual machine introspection via online kernel data redirection,” inProc. IEEE Symp. Security and Privacy (S&P), 2012, pp. 586–600
2012
-
[15]
SoK: Introspections on trust and the semantic gap,
B. Jain, M. B. Baig, D. Zhang, D. E. Porter, and R. Sion, “SoK: Introspections on trust and the semantic gap,” inProc. IEEE Symp. Security and Privacy (S&P), 2014, pp. 605–620
2014
-
[16]
The essence of command injection attacks in web applications,
Z. Su and G. Wassermann, “The essence of command injection attacks in web applications,” inProc. ACM POPL, 2006, pp. 372–382
2006
-
[17]
Exploiting cross- layer vulnerabilities: Off-path attacks on the TCP/IP protocol suite,
X. Feng, Q. Li, K. Sun, K. Xu, and J. Wu, “Exploiting cross- layer vulnerabilities: Off-path attacks on the TCP/IP protocol suite,” Commun. ACM, vol. 68, no. 3, pp. 48–59, 2025
2025
-
[18]
Inside risks: Semantic network attacks,
B. Schneier, “Inside risks: Semantic network attacks,”Commun. ACM, vol. 43, no. 12, p. 168, 2000
2000
-
[19]
A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks,
R. Heartfield and G. Loukas, “A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks,”ACM Comput. Surv., vol. 48, no. 3, 2015
2015
-
[20]
Semantic security against web application attacks,
A. Razzaq, K. Latif, H. F. Ahmad, A. Hur, Z. Anwar, and P. C. Bloodsworth, “Semantic security against web application attacks,”Inf. Sci., vol. 254, pp. 19–38, 2014
2014
-
[21]
The confused deputy: (or why capabilities might have been invented),
N. Hardy, “The confused deputy: (or why capabilities might have been invented),”ACM SIGOPS Oper . Syst. Rev., vol. 22, no. 4, pp. 36–38, 1988
1988
-
[22]
Checking for race conditions in file accesses,
M. Bishop and M. Dilger, “Checking for race conditions in file accesses,”Computing Systems, vol. 9, no. 2, pp. 131–152, 1996
1996
-
[23]
On the TOCTOU problem in remote attestation,
I. De Oliveira Nunes, S. Jakkamsetti, N. Rattanavipanon, and G. Tsudik, “On the TOCTOU problem in remote attestation,” inProc. ACM CCS, 2021, pp. 2921–2936
2021
-
[24]
Security applications of formal language theory,
L. Sassaman, M. L. Patterson, S. Bratus, and M. E. Locasto, “Security applications of formal language theory,”IEEE Syst. J., vol. 7, no. 3, pp. 489–500, 2013
2013
-
[25]
CVE-2021-44228,
“CVE-2021-44228,” NIST National Vulnerability Database, 2021. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
2021
-
[26]
Sunspot malware: A technical analysis,
CrowdStrike Intelligence Team, “Sunspot malware: A technical analysis,” CrowdStrike Blog, 2021. [Online]. Available: https://ww w.crowdstrike.com/en-us/blog/sunspot-malware-technical-analysis/
2021
-
[27]
Highly evasive attacker leverages SolarWinds supply chain to compromise multiple global victims with SUNBURST backdoor,
FireEye Mandiant, “Highly evasive attacker leverages SolarWinds supply chain to compromise multiple global victims with SUNBURST backdoor,” FireEye Blog, 2020. [Online]. Available: https://www.mandiant.com/resources/blog/evasive-attacker-leverages -solarwinds-supply-chain-compromises-with-sunburst-backdoor
2020
-
[28]
The attack on SolarWinds: Next-level stealth was key,
T. Peri ˇcin, “The attack on SolarWinds: Next-level stealth was key,” ReversingLabs Blog, 2020. [Online]. Available: https: //www.reversinglabs.com/blog/sunburst-the-next-level-of-stealth
2020
-
[29]
Advanced persistent threat compromise of govern- ment agencies, critical infrastructure, and private sector organiza- tions,
CISA and FBI, “Advanced persistent threat compromise of govern- ment agencies, critical infrastructure, and private sector organiza- tions,” CISA, Tech. Rep. AA20-352A, 2020
2020
-
[30]
External technical root cause analysis: Channel file 291 incident,
CrowdStrike, “External technical root cause analysis: Channel file 291 incident,” CrowdStrike Holdings, Inc., Tech. Rep., 2024. [Online]. Available: https://www.crowdstrike.com/wp-content/uploads/2024/08 /Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf
2024
-
[31]
Microsoft actions following attack by nation state actor Midnight Blizzard,
Microsoft Security Response Center, “Microsoft actions following attack by nation state actor Midnight Blizzard,” MSRC Blog, 2024. [Online]. Available: https://www.microsoft.com/en-us/msrc/blog/20 24/01/microsoft-actions-following-attack-by-nation-state-actor-mid night-blizzard
2024
-
[32]
DarkSide ransomware: Best practices for preventing business disruption from ransomware attacks,
Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), “DarkSide ransomware: Best practices for preventing business disruption from ransomware attacks,” Cybersecurity and Infrastructure Security Agency, Joint Cybersecurity Advisory AA21-131A, May 2021. [Online]. Available: https: //www.cisa.gov/news-events/cyber...
2021
-
[33]
Microsoft mitigates China- based threat actor Storm-0558 targeting of customer email,
Microsoft Security Response Center, “Microsoft mitigates China- based threat actor Storm-0558 targeting of customer email,” Microsoft Security Response Center Blog, Jul. 2023. [Online]. Available: https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-b ased-threat-actor-storm-0558-targeting-of-customer-email/
2023
-
[34]
Review of the Summer 2023 Microsoft Exchange Online intrusion,
Cyber Safety Review Board, “Review of the Summer 2023 Microsoft Exchange Online intrusion,” U.S. Department of Homeland Security, CSRB Review Report, Mar. 2024. [Online]. Available: https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewOfTh eSummer2023MEOIntrusion508.pdf
2023
-
[35]
CVE-2025-55241,
“CVE-2025-55241,” NIST National Vulnerability Database, 2025. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2025-55241
2025
-
[36]
CVE-2021-26855,
“CVE-2021-26855,” NIST National Vulnerability Database, 2021. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2021-26855
2021
-
[37]
CVE-2019-3396,
“CVE-2019-3396,” NIST National Vulnerability Database, 2019. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2019-3396
2019
-
[38]
CVE-2022-22965,
“CVE-2022-22965,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-22965
2022
-
[39]
Seattle tech worker arrested for data theft involving large financial services company,
U.S. Department of Justice, “Seattle tech worker arrested for data theft involving large financial services company,” U.S. Attorney’s Office, Western District of Washington, Jul. 2019, refers to Capital One Financial Corporation data breach. [Online]. Available: https://www.justice.gov/usao-wdwa/pr/seattle-tech-worker-arrested-d ata-theft-involving-large-...
2019
-
[40]
A systematic analysis of the Capital One data breach: Critical lessons learned,
S. Khan, I. Kabanov, Y . Hua, and S. Madnick, “A systematic analysis of the Capital One data breach: Critical lessons learned,”ACM Trans. Priv. Secur ., vol. 26, no. 1, Nov. 2022. [Online]. Available: https://doi.org/10.1145/3546068
-
[41]
The Equifax data breach,
U.S. House of Representatives Committee on Oversight and Government Reform, “The Equifax data breach,” U.S. House of Representatives, Majority Staff Report, Dec. 2018. [Online]. Available: https://oversight.house.gov/wp-content/uploads/2018/12/E quifax-Report.pdf
2018
-
[42]
CVE-2017-12617: Apache Tomcat RCE via JSP upload bypass,
Apache Software Foundation, “CVE-2017-12617: Apache Tomcat RCE via JSP upload bypass,” Apache Tomcat Security Advisory,
2017
-
[43]
Available: https://tomcat.apache.org/security-9.html
[Online]. Available: https://tomcat.apache.org/security-9.html
-
[44]
CVE-2018-18074,
“CVE-2018-18074,” NIST National Vulnerability Database, 2018. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2018-18074
2018
-
[45]
CVE-2022-31466,
“CVE-2022-31466,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-31466
2022
-
[46]
CVE-2022-32223,
“CVE-2022-32223,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-32223
2022
-
[47]
CVE-2024-38077: Windows remote desktop licensing service remote code execution vulnerability,
Microsoft Security Response Center, “CVE-2024-38077: Windows remote desktop licensing service remote code execution vulnerability,” Microsoft Security Update Guide, Aug. 2024. [Online]. Available: https://msrc.microsoft.com/update-guide/vulnera bility/CVE-2024-38077
2024
-
[48]
Cyberespionage attacks against Southeast Asian government linked to Stately Taurus, aka Mustang Panda,
L. Rochberger, T. Fakterman, and R. Falcone, “Cyberespionage attacks against Southeast Asian government linked to Stately Taurus, aka Mustang Panda,” Palo Alto Networks Unit 42 Threat Intelligence Blog, Sep. 2023. [Online]. Available: https://unit42.paloaltonetwork s.com/stately-taurus-attacks-se-asian-government/
2023
-
[49]
A confused deputy vulnerability in AWS AppSync,
N. Frichette, “A confused deputy vulnerability in AWS AppSync,” Datadog Security Labs, Nov. 2022. [Online]. Available: https://secu ritylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/
2022
-
[50]
CVE-2020-0096,
“CVE-2020-0096,” NIST National Vulnerability Database, 2020. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2020-0096
2020
-
[51]
WalletConnect v2 protocol specification: Sign API and session request handling,
WalletConnect Foundation, “WalletConnect v2 protocol specification: Sign API and session request handling,” WalletConnect Specs, 2023. [Online]. Available: https://specs.walletconnect.com/2.0/specs/client s/sign
2023
-
[52]
Trojan source: Invisible vulnerabilities,
N. Boucher and R. Anderson, “Trojan source: Invisible vulnerabilities,” in32nd USENIX Security Symposium (USENIX Security 23). Anaheim, CA: USENIX Association, Aug. 2023, pp. 6507–6524. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity23/presentation/boucher
2023
-
[53]
CVE-2021-0928,
“CVE-2021-0928,” NIST National Vulnerability Database, 2021. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2021-0928
2021
-
[54]
CVE-2023-20963,
“CVE-2023-20963,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-20963
2023
-
[55]
A deep dive into an NSO zero-click iMessage exploit,
I. Beer and S. Groß, “A deep dive into an NSO zero-click iMessage exploit,” Google Project Zero Blog, 2021. [Online]. Available: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso -zero-click.html
2021
-
[56]
CVE-2024-27198,
“CVE-2024-27198,” NIST National Vulnerability Database, 2024. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2024-27198
2024
-
[57]
CVE-2024-1709,
“CVE-2024-1709,” NIST National Vulnerability Database, 2024. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2024-1709
2024
-
[58]
CVE-2023-22515,
“CVE-2023-22515,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-22515
2023
-
[59]
CVE-2023-27350,
“CVE-2023-27350,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-27350
2023
-
[60]
CVE-2023-34362,
“CVE-2023-34362,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-34362
2023
-
[61]
CVE-2022-26134,
“CVE-2022-26134,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-26134
2022
-
[62]
CVE-2023-0669,
“CVE-2023-0669,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-0669
2023
-
[63]
Apache Struts2 security bulletin S2-052 (CVE-2017-9805),
Apache Software Foundation, “Apache Struts2 security bulletin S2-052 (CVE-2017-9805),” Apache Software Foundation, 2017. [Online]. Available: https://cwiki.apache.org/confluence/display/W W/S2-052
2017
-
[64]
CVE-2022-36804,
“CVE-2022-36804,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-36804
2022
-
[65]
Critical security release: GitLab 13.10.3 (CVE-2021-22205),
GitLab Security Team, “Critical security release: GitLab 13.10.3 (CVE-2021-22205),” GitLab Blog, 2021. [Online]. Available: https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-1 3-10-3-released/
2021
-
[66]
CVE-2023-46805,
“CVE-2023-46805,” NIST National Vulnerability Database, 2024. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-46805
2023
-
[67]
CVE-2022-42475,
“CVE-2022-42475,” NIST National Vulnerability Database, 2022. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2022-42475
2022
-
[68]
CVE-2023-2868,
“CVE-2023-2868,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-2868
2023
-
[69]
CVE-2023-22508,
“CVE-2023-22508,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-22508
2023
-
[70]
CVE-2023-0620,
“CVE-2023-0620,” NIST National Vulnerability Database, 2023. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2023-0620
2023
-
[71]
Security advisory 2024-01-24: Arbitrary file read via CLI (CVE-2024-23897),
Jenkins Project, “Security advisory 2024-01-24: Arbitrary file read via CLI (CVE-2024-23897),” Jenkins Security Advisories, 2024. [Online]. Available: https://www.jenkins.io/security/advisory/2024-0 1-24/ TABLE 3: MDTBSG Dimension Mapping for the 75-Incident Analysis (•= implicated; — = not implicated.) # Incident Id Sp Te In 1 SolarWinds / SUNBURST [30]•...
2024
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.