-
Hi community! I found a vulnerability in kubearmor and reported it privately with respect to the security policy one week ago. I tried to send an email to the security mailing list and some active mai…
-
CI workflow detects possible security vulnerability.
-
**Description:**
Google's July security update has addressed critical vulnerabilities in Pixel devices, specifically CVE-2024-32896, which remains unpatched in many other Android devices. This vuln…
-
**Describe the bug**
On ticket #1398 , we tried to address most dependabot security vulnerability in FAM code by replacing the "**python-jose**" library with "**PyJwt**" library and "**authlib**".
How…
-
### Describe the Bug
See: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
Please keep dependencies up-to-date
### To Reproduce
Run `npm install` on any project depending in '@sitecore-jss/siteco…
-
Hi @adbtae
With looking into code, I see we are simply reading text file for our APIKey which will lead to security break. We can consider using environment variables or secure storage.
/blob/m…
-
**Do you want to request a *feature* or report a *bug*?**
bug
**What is the current behavior?**
* axios < 1.6.8 has various security vulnerabilities
* most of the other dependencies are out…
-
Critical Vulnerability of cross-site scripting can be triggered by using simple html image tag which will trigger javascript code on onerror event and can compromise client side renderring that v…
-
Are there any chances of getting a security fix that addresses this recently filed issue? https://security.snyk.io/vuln/SNYK-JS-REQUIREJS-5416713
There isn't a CVE posted for this yet, as it was ju…
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.8.0 | Vulnerability detection| Manager | Docker | Docker |
New vulnerability-detection does not honor …