-
Within the Enterprise that I work, we follow a process for approving marketplace GitHub actions.
The review process includes scanning the source code (using GitHub Advanced Security with the securi…
-
Hi,
Any idea as part of which release the following CVE's are gonna be addressed?
[CVE-2024-29025](https://nvd.nist.gov/vuln/detail/CVE-2024-29025)
[CVE-2024-25710](https://nvd.nist.gov/vuln/d…
-
### Bug Description:
In TheiaIDE the quick fix does not work for java project
### Additional Information
- Operating System: macos Sequoia 15.1
- Theia Version: 1.54.0.165
h…
-
Currently the image `groundnuty/k8s-wait-for:no-root-v2.0` has several security vulnerabilities.
Running the command `docker scout cves groundnuty/k8s-wait-for:no-root-v2.0` list all of these.
Her…
-
After checking today 19th of June 2024 Trivy reports another set of issues:
```
trivy image quay.io/yonatankahana/nfs-subdir-external-provisioner:v4.0.3-rc2
quay.io/yonatankahana/nfs-subdir-exte…
-
Hello,
There is two high risk security vulnerabilities related to [node-fetch](https://github.com/advisories/GHSA-r683-j2x4-v87g) package and [minimatch](https://github.com/advisories/GHSA-f8q6-p94…
-
Internally, we discovered that this package calls this URL (https://api.paystack.co/checkout/request_inline), and that's fine. However certain details like the public_key are exposed when you inspect …
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…