-
Tracking issue for:
- [ ] https://github.com/2lambda123/cisagov-Malcolm/security/code-scanning/99
-
Hey there!
I'd like to report a security issue but cannot find contact instructions on your repository.
If not a hassle, might you kindly add a `SECURITY.md` file with an email, or another contact m…
-
### Description
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@3.0.0
lint-staged > listr@0.14.3 > listr-update-rendere…
-
This issue is related to https://github.com/vega/vega/issues/3285, but the request is to update d3-color dependency in all vega modules.
We already use the latest vega@5.21.0 and it many submodule…
-
## Is your feature request related to a problem? Please describe.
Since Ruby 3.2, the Regexp engine (Onigmo) has been improved to prevent catastrophic backtracking on matching. Catastrophic backtra…
-
Got this warning on `npm install`
```
tough-cookie@1.2.0: ReDoS vulnerability parsing Set-Cookie
```
-
```
│ high │ Uncontrolled resource consumption in braces │
│ Package │ braces │
│ Patched in │ >=3.0.3 …
```
-
```
# npm audit report
cross-spawn =1.4.0
Depends on vulnerable versions of dmn-js-shared
Depends on vulnerable versions of selection-ranges
Depends on vulnerable versions of table-js
…
```
-
Upgrade python-multipart to fix [1 Dependabot alert](https://github.com/GSA/smartpay-training/security/dependabot?q=is%3Aopen+package%3Apython-multipart+manifest%3Arequirements.txt+has%3Apatch) in [re…