-
Chrome and Firefox both give developers the ability to build extensions which have background scripts which can interact with a site's cookie jar if the extension has host permissions for that site (d…
-
### Issue
The current Treeview component lacks support for actions specific to different node levels (branch/parent vs. leaf/child). Also, it is not allowing the user to add new leaf nodes to branche…
-
Hi team,
A malicious policyfile in XML passed to veraPDF CLI can lead to a XXE vulnerability exploitation due to insecure use of XML parser. The policyfile be the attack payload, which is similar …
-
It can be seen from the code that these token types for Java are never used:
-
Reducing the dependency on third party software can make our attack surface smaller and conserve system resources.
-
**Is your feature request related to a problem? Please describe.**
Today skipper uses alpine 3 as a docker base image for docker images, while alpine 3 is one of most minimal docker images out there,…
-
Review of the attack surface on the rPI (e.g. power analysis)
-
Recently we have been getting new security vulnerabilities in ACS Commons from OWASP. Luckily, most of these were false positives or in functionalities we don’t use.
This made us think about the bi…
-
The OCR engine does increase the attack surface of Dangerzone, this has been a longstanding hypothesis I've had. We just don't know how much. And recently in the Dangerzone security audit, the auditor…
-
**Describe the benefit this feature would provide to the project**
Reduce the attack surface
**Describe the solution you'd like**
authselect provides the following default profiles:
```
❯ aut…