-
**Is your feature request related to a problem? Please describe.**
The app I'm working on at the minute is undergoing a security audit. The auditors noticed a GET request adding a JWT token to the qu…
-
Some of our AWS examples assume you have a default VPC, and break if you do not. It is often common security practice to delete an account's default VPC upon creation to avoid accidental ingress/egres…
-
Similarly to some providers like YouTube or Plex, setting up a new client could:
1. ask for the server url
2. display a pin like `9F3L`
3. allow user to enter the PIN straight from any other logged…
-
**Describe the bug**
I am testing Authentik with LDAP federation using a TLS-only OpenLDAP. The LDAP server runs on Debian Bookworm with a normal TLS setup, a valid LE cert, TLS 1.2+, etc.
The A…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.memoize:4.1.2](https://ossindex.sonatype.org/component/pkg:npm/lodash.memoize@4.1.2) results in the following vulnerabil…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.uniq:4.5.0](https://ossindex.sonatype.org/component/pkg:npm/lodash.uniq@4.5.0) results in the following vulnerability(s)…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.debounce:4.0.8](https://ossindex.sonatype.org/component/pkg:npm/lodash.debounce@4.0.8) results in the following vulnerab…
-
spin-off from https://github.com/OWASP/ASVS/issues/1916 "Discussion/Proposal 1"
The [summary](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.3.3) for browser …
-
I am trying to run a React 16.14.0 app using af-react-rendere and am not able to run it
followed same steps in https://opensource.adobe.com/aem-forms-af-runtime/storybook/?path=/story/adaptive-form-…
-
Package version (if known): v1.2.7 & current (2022-02-16) [InvenioRDM demo](https://inveniordm.web.cern.ch/) install
## Describe the bug
Posting to the REST API (e.g. https://inveniordm.web.cern.…