-
Some features that comes to my mind:
- [ ] Not being vulnerable to **trivial replay attack**s
- [ ] Random looking sequence of port numbers
- [ ] Not being vulnerable to **Man In The Middle Att…
-
We have some pretty awesome security software that does this ~man-in-the-middle-attack~ TLS interception where it decrypts and re-encrypts all TLS traffic.
For Node apps, I've been able to add the …
-
Hi,
I've noticed that some HOT sites are scoring really low on the HTTPS observatory. What this means is that they might be target for different attack vectors and techniques (XSS, Man-in-the-middl…
-
Passwords should be encrypted.
-
Tracking issue for:
- [ ] https://github.com/NASA-PDS/validate/security/code-scanning/5
- [ ] https://github.com/NASA-PDS/validate/security/code-scanning/3
- [ ] https://github.com/NASA-PDS/val…
-
Hello,
After the issue #275, it seems that the Oauth2 with redirection does not work.
Firstly the provided Token URL appears to be ignored and `http://localhost:3000` is always used instead
S…
-
We are getting the below issue when doing bundle install with jruby today since the root CA is expired.
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
https://community.letse…
-
```
di73yeq4@login02:/hppfs/work/pn49ha/di73yeq4/seissol-spack-aid/spack/packages> module list
Currently Loaded Modulefiles:
1) admin/1.0 3) lrz/1.0 5) intel-oneapi-compilers/2021.4.0(d…
-
## CVE-2020-9488 - Low Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Library home page: http://www.apache.org
Path to dependency file: /templates/function-template-ja…
-
**Describe the solution you'd like**
The ability to set `ssl_check_hostname` in addition to the `ssl_context`.
**Additional context**
[kafka-python's KafkaConsumer](https://kafka-python.readthedo…