CocoaPods
‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Richi Jennings | | App Sec & Supply Chain Security, Apple, Apple iOS, AppSec & Supply Chain Security, CocoaPods, CVE-2024-38366, CVE-2024-38368, dependencies, dependency injection, Dependency Management, macos, macOS Security, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, SB Blogwatch, software dependencies, Supply-Chain Insecurity, third-party dependencies, trust dependencies
Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...
Security Boulevard
CocoaPods and Conda in Nexus Repository 3.19
Brent Kostak | | CocoaPods, Conda, FEATURED, Nexus Repository, Post developers/devops, Product, Sonatype Nexus
New Supported Languages. More Stable Builds. We are excited to officially announce native format support for CocoaPods and Conda dependency managers in Nexus Repository Manager 3.19. Over the last few months, Sonatype ...