-
The NCPA agent web page on the client (default port 5693) does not enforce HSTS.
Per vulnerability scan from Tenable:
The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" hea…
-
HyperMesh does a temporary save of related records inside of a rolled back transaction *without validations* so that the client state is setup on the server. This is fine unless you have a Model that…
-
I have an idea for this project.
I have read some backend and frontend code here, which are written in Java and typescript.
So my proposal is: Does the apitable have any plans to add new modules(mic…
-
- Stack version: 8.16.0-SNAPSHOT
- LogsDB: enabled
- Package: tenable_io
- Failing test: system test: (elastic-agent logs - default)
- DataStream: plugin
- Owners:
- @elastic/security-service-inte…
-
*Title*: Envoy should register invalid HTTP as an attempt to send a request
*Description*:
If a malformed HTTP1 request is sent (e.g. No headers, just "a\r\n\r\n") the HTTP1.1 code will reject it …
-
### Expected behavior
rsyslog should be able to read and parse nessus scan reports log data listed in the report directory as follows
Linux | /opt/nessus/var/nessus/users/admin/reports
Windows |…
-
Hi -
Thanks for great UI.
Small suggestion: I don't think a user of the UI is interested in names of swagger-models, so I think those are just a distraction and clutter. I'm referring to these (…
-
Hi! I'm helping review the security audit recommendations and one is to review opportunities to enforce 2FA at the service level. Is this an option with how authentication is currently set up? Thought…
-
In "2.3.3. Otherwise, if `x` is an object or function",
it's not clear what "is an object or function" means.
My first guess was this:
(1) `x instanceof Object || x instanceof Function`
wh…
-
### What version of Go are you using (`go version`)?
$ go version
go version go1.13 linux/amd64
### Does this issue reproduce with the latest release?
Yes.
### What operating system a…