-
### Summary
In smc-tools [1][2], the open_cache_file() function in stats.c [3] operates on a predictable path in /tmp, allowing an unprivileged local user to deny the program's service.
> sprintf(…
-
### Windows Terminal version
1.22.2362.0
### Windows build number
10.0.26040.0
### Other Software
My own sixel renderer that I just implemented. I don't doubt that it could be something I'm doin…
-
[Security] Prototype Pollution in sheetJS
https://github.com/advisories/GHSA-4r6h-8v6p-xvw6
**Affected version:** 0.19.3
**Description**
All versions of SheetJS CE through 0.19.2 are vulne…
-
First, I want to start by thanking you for this fantastic browser extension! It has been such a helpful tool in my daily workflow, and I really appreciate all the hard work that has gone into its deve…
-
### Bug Description
The postprocessing in `MarkdownReader.markdown_to_tups` removes html by replacing content within angular brackets by an empty string. However, AFAIK it is valid to enclose the URL…
-
Recently, https://github.com/scipopt/soplex/commit/12ef6c800ed0730f498bfcbdb262f32042b42e70 gave SoPlex the ability to read LP files with arbitrarily long lines; could the same functionality be ported…
-
As [reported in discord](https://discord.com/channels/1039017663004942429/1070132471699607623/1282814518828990526), related to #13287, recent ruff versions (0.6.4 or so) are failing checks on [Encodin…
-
Seems like you are using Jackson Dataformats YAML under the hood, which unfortunately doesn't handle anchors and references in YAML files nicely:
https://github.com/FasterXML/jackson-dataformats-te…
-
- [ ] This issue is blocking
- [ ] This issue is causing unreasonable pain
Maestro should have a fine grained permission system. read and write permissions should be distinct. Other ideas inclu…
-
When modifying options on a distro object and then saving them, file paths such
as the kernel location or initrd location can be used to either gain read access
or write access to files. This seems …