-
https://www.exploit-db.com/docs/39717.pdf
-
> The project MUST publish the process for reporting vulnerabilities on the project site. E.g., a clearly designated mailing address on https://PROJECTSITE/security, often in the form security@example…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
### Current Behavior
A vulnerability which exists in multiple databases are not linked so report as 2 issues (therefore doubling risk score)
### Steps to Reproduce
1.import BOM with vulnerability p…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
### 🐛 Describe the bug
Using any model, even the simplest example from the docs, results in an error with torch.dynamo_export.
```python
import torch
import torch.onnx
class MyModel(torch.…
-
NPM is reporting a vulnerability due to the version of emailjs. The version has moment as a dependency and moment version is vulnerable.
-
During builds, npm reports vulnerability with seneca-legacy-logger. Basically it is lodash which is vulnerable and is used in this project's dependencies.
Is this logger still suggested to be used, o…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
=== npm audit security report ===
…