Bugs

Here we explain how we made our data pipeline scale to 700 million events per second while becoming more resilient than ever before. We share some math behind our approach and some of the designs of

CVEs in three strange places and the unique problem of safely processing and handling fonts.

Discovery and walkthrough of CVE-2023-38633 in librsvg, when two URL parser implementations (Rust and Glib) disagree on file scheme parsing leading to path traversal.

Discovery of Headless Chromium security vulnerability, how it works, and mitigations that should be applied to similar configurations