-
Do we have alternative packages to csurf? It seems unmaintained, and recently a vulnerability was discovered.
https://snyk.io/vuln/SNYK-JS-CSURF-3021144
Given the popularity of this package, the …
-
December 2023 @StackStorm/tsc `1 hour` meeting:
- `Tuesday, 12 December 2023, 09:30 AM US Pacific / 06:30 PM EU CET`
- See https://github.com/StackStorm/community/issues/33 for the schedule and how …
arm4b updated
7 months ago
-
Does this issue occur when all extensions are disabled?: Yes
- VS Code Version: 1.83 & 1.84-insider NOT: 1.80.2
- OS Version: macOS AMD64
Steps to Reproduce:
1. Provide cod…
-
Affected versions of this package are vulnerable to Arbitrary Code Injection via a crafted POST request to the /pdf path. An attacker can execute arbitrary code on the system by sending a specially cr…
-
Snyk scan of newrelic-telemetry-sdk-java is reporting com.squareup.okhttp3:okhttp@4.9.0 vulnerabilities.
https://security.snyk.io/package/maven/com.squareup.okhttp3:okhttp/4.9.0
Request to upgrad…
-
https://app.snyk.io/
We need to Snyk scan on the repository set up to discover any vulnerabilities we may pull in. Check other projects in ODH space how they were able to configure this. Also do f…
-
Hello,
since this morning security checks in our projects are reporting new critical vulnerability in the current pebble version 3.1.5:
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-37767
Origin…
-
For the vulnerability mitigation plan, in addition to the latest vulnerable dependency, is it possible to announce in which version this vulnerability has been fixed?
Now that this information is not…
-
This PR was automatically created by Snyk using the credentials of a real user. Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Change…
-
This PR was automatically created by Snyk using the credentials of a real user. Snyk has created this PR to upgrade electron-log from 4.4.7 to 4.4.8.
:information_source: Keep your dependencies up-to-…