NRDAX-T0022 - Client Library Supply Chain Compromise
supply-chain · active · first seen 2024-01-01
provenance: Catalogued from public disclosure; not yet reproduced
mechanism
Client Library Supply Chain Compromise
instances (0)
| chain | primitive | fidelity | origin | reproducer (bundle) | source |
|---|
references
cve: CVE-2024-54134
cve: CVE-2025-32965
cve: CVE-2026-44503
cve: CVE-2026-45300
cve: CVE-2026-55487
cve: CVE-2026-55700
ghsa: GHSA-qprh-m6p3-hwxc
vendor-advisory: RUSTSEC-2023-0111
vendor-advisory: RUSTSEC-2023-0112
related (supply-chain)
NRDAX-T0034 - Container Escape via Dependency active NRDAX-T0048 - Dependency Use-After-Free Corruption active NRDAX-T0098 - Guest Module Memory Corruption active NRDAX-T0140 - Log Injection RCE active NRDAX-T0170 - Network-Triggered Runtime DoS active NRDAX-T0296 - Template Injection RCE active NRDAX-T0337 - Unexploitable Dependency Vulnerability active NRDAX-T0344 - Uninitialized Memory Disclosure active
cite
https://nrdax.com/techniques/NRDAX-T0022
plain
NRDAX Registry. Technique NRDAX-T0022.
bibtex
@misc{nrdax_NRDAX_T0022,
title = {Client Library Supply Chain Compromise (NRDAX-T0022)},
howpublished = {NRDAX Registry},
url = {https://nrdax.com/techniques/NRDAX-T0022},
} json (csl)
{
"id": "nrdax-NRDAX-T0022",
"type": "dataset",
"title": "Client Library Supply Chain Compromise (NRDAX-T0022)",
"URL": "https://nrdax.com/techniques/NRDAX-T0022",
"publisher": "NRDAX Registry"
}