-
session.hashed_value uses hashlib.md5
While this MD5 usage isn't security related, MD5 usage is deprecated. It triggers security warnings for scanners, and isn't available in FIPS environment.
T…
-
## CVE-2022-22970 - Medium Severity Vulnerability
Vulnerable Libraries - spring-beans-5.2.0.M2.jar, spring-core-5.2.0.M2.jar
spring-beans-5.2.0.M2.jar
Spring Beans
Library home page: https://proje…
-
Reproduce steps:
1. deploy Harbor with this offline build: https://storage.googleapis.com/harbor-builds/harbor-offline-installer-latest.tgz
2. create replication endpoint DockerHub and create a pull…
zyyw updated
4 months ago
-
Edit: updated image+text for TerriaMap 0.2.1 release (+yarn upgrade)
I'm not sure which project to file this issue on, so my apologies if it's in the wrong place.
Trivy reports a reasonable amou…
-
-
## CVE-2023-20863 - Medium Severity Vulnerability
Vulnerable Libraries - spring-expression-4.3.9.RELEASE.jar, spring-expression-5.2.6.RELEASE.jar
spring-expression-4.3.9.RELEASE.jar
Spring Express…
-
## CVE-2020-5421 - Medium Severity Vulnerability
Vulnerable Libraries - spring-web-4.3.9.RELEASE.jar, spring-web-5.2.6.RELEASE.jar
spring-web-4.3.9.RELEASE.jar
Spring Web
Library home page: http:/…
-
## CVE-2022-22950 - Medium Severity Vulnerability
Vulnerable Libraries - spring-expression-4.3.9.RELEASE.jar, spring-expression-5.2.6.RELEASE.jar
spring-expression-4.3.9.RELEASE.jar
Spring Express…
-
The logic needs to be corrected.
https://github.com/forseti-security/forseti-security/blob/705cb3c29cc8665fcb6def764805bf90685e226a/google/cloud/forseti/scanner/audit/external_project_access_rules_…
-
```
What did I do?
checkout out the project
build it via "mvn clean install"
deployed *.war on a local jetty server (jetty version: 9.0.7)
caused this Exception:
2013-11-18 14:06:11.604:INFO:oejdp.S…