-
[The _Vulnerabilities_ check has the following description](https://github.com/ossf/scorecard/blob/c1066d9ac232e835ec0c22a255cdd46ec58dd2c7/docs/checks.md#vulnerabilities):
> This check determines …
-
Issue found: Intent Redirection
We found that your app contains security vulnerabilities, which can expose user information or damage a user’s device. This is a violation of Device and Network Abus…
-
### Describe your question
The following CVEs are being detected by Microsoft Defender for Cloud in the current version of v3.243.1 that I am using in the ADO agents. Is there any update on fixing th…
-
Description:
Security in Open Source. Address the security aspects of open-source software and how communities work to identify and fix vulnerabilities.
1. Write a Script - Check out the [ sampl…
-
**Type of issue**: bug report
**Impact**: rtl refactoring
**Development Phase**: proposal
Hi, our transient execution bug fuzzer found a new Spectre variant on BOOM that can inject secret data i…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@dwisiswant0) has found a potential issue, which I would be eager to share with you.
Could you add a `SE…
-
### What happened?
In file: [SExpression.java](https://github.com/bcgit/bc-java/blob/1.78.1/pg/src/main/java/org/bouncycastle/gpg/SExpression.java#L147), there is a potential case of null pointer …
-
I would like to translate the vulnerabilities' descriptions to Brazilian Portuguese, but I wasn't able to find the files that contain these descriptions and that are used in the XML report generation. C…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@mnqazi) has found a potential issue, which I would be eager to share with you.
Could you add a `SECURIT…
-
### Describe the bug
If the repo contains Python code with pip dependencies, xRay CLI failed to build the dependency tree.
### Current behavior
$ jf audit
```
16:18:26 [Debug] JFrog CLI version: 2.70.0
1…