-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.memoize:4.1.2](https://ossindex.sonatype.org/component/pkg:npm/lodash.memoize@4.1.2) results in the following vulnerabil…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.uniq:4.5.0](https://ossindex.sonatype.org/component/pkg:npm/lodash.uniq@4.5.0) results in the following vulnerability(s)…
-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.debounce:4.0.8](https://ossindex.sonatype.org/component/pkg:npm/lodash.debounce@4.0.8) results in the following vulnerab…
-
spin-off from https://github.com/OWASP/ASVS/issues/1916 "Discussion/Proposal 1"
The [summary](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.3.3) for browser …
-
### Describe the bug
This one took hours to track down, and I'm not sure where to look beyond that it seems to be Formie and spam submission related bug of some sort.
We have been hitting issues o…
-
https://github.com/mozilla/positron/blob/master/positron/electron/lib/browser/rpc-server.js#L46 checks if a prototype object is strictly equal to _Object.prototype_, i.e. `proto === Object.prototype`.…
-
```
We're running on 64-bit Ubuntu with the following versions installed (as part
of the script):
eventlog_0.2.12.tar.gz
syslog-ng_3.2.2.tar.gz
elsa-0.1.1.tar.gz
We're trying to write a new parser…
-
### Finding Description
Your application is using `addJavascriptInterface()`. This may allow an attacker to execute arbitrary code on Android devices. The vulnerability is exploited by injecting Java…
-
**Describe the bug**
I am testing Authentik with LDAP federation using a TLS-only openLDAP. The LDAP server runs on Debian Bookworm with a normal TLS setup, a valid LE cert, TLS 1.2+, etc.
The A…
-
### Describe the bug
Snyk acuse vulnerable dependencies in react-scripts
### Did you try recovering your dependencies?
yes
### Which terms did you search for in User Guide?
…