-
[Request For Comments] Are GitHub Security Advisories feasible?
# Comments are welcome
- Via either GitHub issues or mails to `t2y3141592@gmail.com`
## Possible process
1. A concerned GitHub u…
-
### Issue Description
Flagging here that the dependency on `resque` which depends on `sinatra` has a known vulnerability (CVE-2024-21510). An active issue is being worked on.
See here: https://githu…
-
Advisory [GHSA-gppm-hq3p-h4rp](https://github.com/advisories/GHSA-gppm-hq3p-h4rp) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/runatlantis/atlantis](https://…
-
https://github.com/vim/vim/security/advisories/GHSA-rj48-v4mq-j4vg
-
**Expected behavior:**
Audit should fail because of vulnerable dependencies detected in project.
Output:
```
Failed security audit due to high vulnerabilities.
Vulnerable advisories are:
https:/…
```
-
There are multiple security vulnerabilities fixed in OpenSC v0.26-rc1:
https://github.com/OpenSC/OpenSC/releases/tag/0.26.0-rc1
-
#### **Description:**
To enhance the security monitoring of our repositories, we need to integrate a process that fetches security advisories using the GitHub API. This will allow us to programmati…
-
We are subscribed to GHSA and are getting many mirroring updates of the GHSA in the log:
2022-07-27 23:41:04,684 INFO [GitHubAdvisoryMirrorTask] Starting GitHub Advisory mirroring task
2022-07-27 23:41:07…
-
There's a reported "high severity" security issue with System.Text.Json 8.0.4
https://github.com/advisories/GHSA-8g4q-xg66-9fp4
-
Advisory [GHSA-p7mv-53f2-4cwj](https://github.com/advisories/GHSA-p7mv-53f2-4cwj) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/cometbft/cometbft](https://pkg…