-
```
Hi,
I've noticed a possible denial of service if a PuSH hub were to accept
'publish' notifications without authentication from the 'publisher'.
I understand these requests are only pings. My con…
-
# Problem
These two specifications are incompatible:
> `function nft_transfer`
> If using Approval Management, contract MUST nullify approved accounts on successful transfer.
>
> https://nom…
-
`test_int` recently [failed on a buildbot](https://buildbot.python.org/all/#/builders/1115/builds/437/steps/4/logs/stdio):
```
======================================================================
…
-
We are facing this issue when running the `npm audit` command. Is it possible to fix it, or is there any workaround to solve this problem locally in our projects?
-
**GitHub username:** @0xmahdirostami
**Twitter username:** 0xmahdirostami
**Submission hash (on-chain):** 0xd31a092e8db53d26eacddfb89af64985f814dc51553a21078ae5fb68e1537158
**Severity:** medium
**De…
-
Can you upgrade xlsx to 0.17.0^ to address the following CVEs? Thanks
CVE-2021-32014
moderate severity
Vulnerable versions: < 0.17.0
Patched version: 0.17.0
SheetJS Pro through 0.16.9 allows at…
-
## CVE-2021-33503 - High Severity Vulnerability
Vulnerable Library - urllib3-1.21.1-py2.py3-none-any.whl
HTTP library with thread-safe connection pooling, file post, and more.
Library home page: htt…
-
## CVE-2024-3651 - High Severity Vulnerability
Vulnerable Library - idna-2.5-py2.py3-none-any.whl
Internationalized Domain Names in Applications (IDNA)
Library home page: https://files.pythonhosted.…
-
Imported from upstream, reported by mkienow-r7.
prefix is controllable by the caller and could result in a regular expression denial of service (ReDoS).
- api/routes/credentials.js:
`_id: {$r…
-