-
Originally from: https://github.com/rust-lang/crates.io/issues/79
Right now crates.io API tokens are stored in the (presently chmod `644` i.e. world readable) `~/.cargo/config` file under the `[reg…
-
#### **Objective**
Implement password encryption using bcrypt to securely store user passwords. This ensures that even if the database is compromised, the passwords cannot be easily accessed.
--…
-
## CVE-2021-3711 - Critical Severity Vulnerability
Vulnerable Libraries - OpenSSLOpenSSL_1_1_1g, OpenSSLOpenSSL_1_1_1g, OpenSSLOpenSSL_1_1_1g
Vulnerability Details
In order to decrypt SM…
-
The project uses an un-verified secret sharing scheme for the key, which can be sufficient given an appropriate thread model. But it should be detectable if the either the data or the key has been tam…
-
### Role
Playing Minecraft
### Suggestion
The "profilekeys" folder should be protected in some way.
### Benefit
To protect users somewhat from a new false-reporting method.
### This suggestion i…
-
## 📝 Provide detailed reproduction steps (if any)
1. Use CKEditor 5 within a secured environment to access possibly tainted data (user input from a website, moderated within a RIA).
2. User input …
-
from @dougdeperry:
> Bug Description:
>
> E2E injects an iframe into the compose or read message body in order to display signed or encrypted contents. E2E determines when to inject this iframe base…
-
# Chrome Client Compromise & Vote Manipulation
## Overview
When the election system does not control the client frontend, it is unknown if the client is compromised and therefore if data received …
-
Hello,
My name is Andrei Pogoreltsev,
I'm CTO of Super Protocol Team and we glad to use Gramine in our project. Thank you for the product you're developing!
So, we want to protect our clients app…
-
## CVE-2021-3711 - Critical Severity Vulnerability
Vulnerable Library - OpenSSLOpenSSL_1_1_1g
TLS/SSL and crypto library
Library home page: https://github.com/OpenSSL/OpenSSL.git
Found in base bra…