-
According to the [Ajv documentation](https://github.com/ajv-validator/ajv/blob/bd8d86579386cb58854e9db74a5dc7b2d1894806/docs/security.md#redos-attack):
> some formats that ajv-formats package imple…
-
**Is your feature request related to a problem? Please describe.**
Consider this definition sample:
```
openapi: 3.0.0
components:
  parameters:
    foo:
      in: query
      name: foo
…
```
-
- The spells have not been fixed by recent PR #659 yet, that was fixing magic related behaviour.
- is linked to discussion #622 but separated as a standalone ticket focusing on all magic related find…
-
https://github.com/veracode-repository-ruleset/verademo/blob/d748a0a9152d4b5d46af8a433b2863d9f0ed7211/com/veracode/verademo/controller/ToolsController.java#L86-L96
**Filename:** com/veracode/verademo…
-
### Where
https://github.com/xavierpantet/my_ass_on_your_grass/blob/5ebeb6c98d689621444de3275847f134462da9b7/src/services/authentication/AuthenticationService.cpp#L17
https://github.com/xavierpa…
-
```
hi,
vsprintf doesn't check the length of the string, whereas vsnprintf does.
So it's better to use vsnprintf instead, to avoid buffer overruns.
string.c:53
cheers,
```
Original issue reporte…
-
By default the table option `escape` is set to `false`, which means any data by a potential attacker will end up unencoded in the DOM, which might make the table susceptible to Cross-Site Scripting at…
-
Vulnerable Library - moment-1.7.2.min.js
Parse, validate, manipulate, and display dates
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/1.7.2/moment.min.js
Path to vulnerable lib…