-
The library "uCrop" was found to be using a vulnerable version of the libpng library.
The library does not properly validate the information that it processes which can lead to unintended access o…
-
Vulnerable Library - spring-boot-starter-security-2.7.1.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-securi…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/7017
Originally posted by **fernandogont** June 25, 2024
### Question
Hi,
I'm trying to run Trivy for kubernetes securi…
-
Despite our best efforts, it's likely that a security vulnerability will be discovered by a non-contributor out in the wild. It would be good to have a page instructing them how to best report the iss…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
Found some unsafe SQL queries in our codebase! (also in asyncua -> f-strings are not injection safe!)
```python
# BAD EXAMPLES. DON'T DO THIS!
cursor.execute("SELECT admin FROM users WHERE usernam…
```
-
> HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged termin…
-
**Is your feature request related to a problem? Please describe.**
There is no [security policy](https://github.com/graphql-rust/juniper/security/policy) set up for this project. Also, searching for …