-
**Is your feature request related to a problem? Please describe.**
At the moment when results are reported, the report only includes the offending sink workflow/action file. For instance, if you run …
-
### Issue Summary
A summary of the issue and the browser/OS environment in which it occurs.
### Steps to Reproduce
1. This is the first step
2. This is the second step, etc.
Any other…
-
# **Summary**
VvvebJs version 1.7.4 exhibits an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to upload malicious files onto the server, potentially leading to the e…
-
As reported by `npm audit`:
```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Arbitrary File Write │
…
-
Github has finally added the ability for repository owners to turn on private vulnerability reporting, to make disclosing vulnerabilities in a secure manner easier for all parties involved.
https:/…
-
A penetration testing reported indicated that decrypting JWE with truncated authentication tag still works without throwing exception.
After researching further, found that the issue is due to how …
zzyzy updated
2 months ago
-
Hi there,
Would it be possible to update the JSZip dependancy to v3.8.0 or later to avoid the [CVE-2022-48285](https://www.cve.org/CVERecord?id=CVE-2022-48285) vulnerability?
Thanks,
Alex
-
Please see the following feature request that I raised in the harbor project regarding the issue https://github.com/goharbor/harbor/issues/18594
-
The title says it. I obviously can't disclose the plugin name and the nature of the vulnerability publicly, but the plugin should be pulled off the Marketplace until the issue is resolved, and active …
-
I found vulnerability in kod explorer. where can I report this?