-
The vulnerability in [`local-devices@2.0.0`](https://github.com/cristianstaicu/SecBench.js/tree/efc9da1acc50bceddd40f3ce48d5f0f426feb614/code-injection/local-devices_2.0.0) is mislabeled as code injec…
-
We're running Django 5.0, which is no longer in the mainstream support window: [https://www.djangoproject.com/download/](https://www.djangoproject.com/download/)
Upgrade Django to version 5.1.1 or hi…
-
## What are the steps to reproduce this issue?
Run `snyk test --severity-threshold=high` on package after installing
## What happens?
Issues with no direct upgrade or patch:
✗ Remote Code …
-
Use of Snyk revealed a number of vulnerabilities. Can the software be updated with a patched version?
The vulnerabilities were not validated against real-world exploitability.
Command Injection : 6…
-
## Description
The goal of this change is to enhance the usability of Langfuse's Prompt Management feature. Currently, users can manage prompts via the UI, SDKs, and API to create, update, and rele…
-
Confirm that leveraging the Snyk service will be a suitable alternative to baking in a GitHub Action Docker Scout solution
- Comparable CVEs are being reported
- CVEs reported are in line with twistloc…
-
## What are the steps to reproduce this issue?
1. Run `snyk test --severity-threshold=high` on package after installing
## What happens?
Receive error:
✗ Inefficient Regular Expression C…
-
Since the last release, `v1.12.1`, the following issue has been observed in our pipelines.
```
[2024-10-10T10:56:04.841Z] + + snyk-linux test --configuration-matching=^((?!test).)*$ --file=platfor…
```
-
Snyk has created this PR to upgrade electron-updater from 6.3.7 to 6.3.8.
:infor…
-
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerab…