-
In order to enforce check-in criteria for Pull Requests based on build, tests, linting, and more, we need to integrate with a CI/CD solution like Azure Pipelines. This issue should also track which ki…
cn894 updated
5 years ago
-
I have a situation involving integration between two partner enterprise software vendors that is broken by deprecation of 3rd-party cookies. Please bare with me, because this takes quite a while to se…
-
Support the name and version identification of the third-party jar package of Java programs, such as fastjson.jar
Fastjson < 1.2.67 deserialization Remote Code Execution Vulnerability
Traverse t…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.memoize:4.1.2](https://ossindex.sonatype.org/component/pkg:npm/lodash.memoize@4.1.2) results in the following vulnerabil…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.uniq:4.5.0](https://ossindex.sonatype.org/component/pkg:npm/lodash.uniq@4.5.0) results in the following vulnerability(s)…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.debounce:4.0.8](https://ossindex.sonatype.org/component/pkg:npm/lodash.debounce@4.0.8) results in the following vulnerab…
-
spin-off from https://github.com/OWASP/ASVS/issues/1916 "Discussion/Proposal 1"
The [summary](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.3.3) for browser …
-
## Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 4.8.1
- Ruby: ruby 2.1.9p490
- Distribution: CentOS7
- Module version: 2.6.1
I've created zabbix proxy with such h…
-
Some of our AWS examples assume you have a default VPC, and break if you do not. It is often common security practice to delete an account's default VPC upon creation to avoid accidental ingress/egres…
-
Similarly to some providers like youtube or plex, setting up a new client could:
1. ask for the server url
2. display a pin like `9F3L`
3. allow user to enter the PIN straight from any other logged…