-
[This issue is imported from pivotal - Originally created at Jun 14, 2018 by Joris Steyn](https://www.pivotaltracker.com/story/show/158356638)
See security audit V4.5, the .htaccess file should not be…
-
# Microsoft Security Advisory CVE-2018-0787: ASP.NET Core Elevation Of Privilege Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a v…
-
### Summary:
Thank you for designing the F-Curator Desktop Application and making it open source and available. The application adds an event listener that prevents opening new windows, the sanitizat…
-
### Describe the bug
This one took hours to track down, and I'm not sure where to look beyond that it seems to be Formie and spam submission related bug of some sort.
We have been hitting issues o…
-
# Microsoft Security Advisory CVE-2023-44487: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerabilit…
-
https://github.com/mozilla/positron/blob/master/positron/electron/lib/browser/rpc-server.js#L46 checks if a prototype object is strictly equal to _Object.prototype_, i.e. `proto === Object.prototype`.…
-
**Is your feature request related to a problem? Please describe.**
The app I'm working on at the minute is undergoing a security audit. The auditors noticed a GET request adding a JWT token to the qu…
-
Some of our AWS examples assume you have a default VPC, and break if you do not. It is often common security practice to delete an account's default VPC upon creation to avoid accidental ingress/egres…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.memoize:4.1.2](https://ossindex.sonatype.org/component/pkg:npm/lodash.memoize@4.1.2) results in the following vulnerabil…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.uniq:4.5.0](https://ossindex.sonatype.org/component/pkg:npm/lodash.uniq@4.5.0) results in the following vulnerability(s)…