-
As security officer, I would like to ensure that high-sensitivity information is not present in the data-hub's logs.
**Acceptance Criteria**
[ ] A list of all high sensitivity data elements
[ ] A…
-
## CVE-2020-5408 - Medium Severity Vulnerability
Vulnerable Libraries - spring-security-crypto-5.0.7.RELEASE.jar, spring-security-core-5.0.7.RELEASE.jar
spring-security-crypto-5.0.7.RELEASE.jar
sp…
-
The `--delete-scanner` doesn't check if a scanner is used before deleting it. This causes GSA and the API to break.
### Expected behavior
An error message is displayed if the scanner is assigne…
-
Installer gets a very poor score (high confidence malicious) on both Filescan and Hybrid-Analysis. Is there any way to remove unnecessary API imports or change the way bundled resources are delivered …
-
## Problem
In the resulting `manifest.spdx.json` file created by SBOM Tool, the "relationships" are all defined as depending on SPDXRef-RootPackage instead of the proper subdependency.
## Context
…
-
This is a suggestion to add a field in the specification to indicate if there is a steward (see, EU-CRA - Article 24 and https://linuxfoundation.eu/cyber-resilience-act for context) for the project. …
-
### ⚠️ This issue respects the following points: ⚠️
- [X] This is a **bug**, not a question or a configuration/webserver/proxy issue.
- [X] This issue is **not** already reported on Github _(I've sea…
-
## CVE-2023-36478 - High Severity Vulnerability
Vulnerable Libraries - http2-hpack-9.4.52.v20230823.jar, jetty-http-9.4.52.v20230823.jar
http2-hpack-9.4.52.v20230823.jar
Library home page: https:…
-
### Have you tried to resolve this issue yourself first?
Yes
### Bug Description
By updating scanner from @salesforce/sfdx-scanner 3.15.0 to @salesforce/sfdx-scanner 4.3.2, we are facing syntax err…
-
### New Issue Checklist
- [x] I am not disclosing a [vulnerability](https://github.com/parse-community/parse-server/blob/master/SECURITY.md).
- [x] I am not just asking a [question](https://gith…