-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.debounce:4.0.8](https://ossindex.sonatype.org/component/pkg:npm/lodash.debounce@4.0.8) results in the following vulnerab…
-
I am trying to run react 16.14.0 app using af-react-rendere and not able to run
followed same steps in https://opensource.adobe.com/aem-forms-af-runtime/storybook/?path=/story/adaptive-form-…
-
[This issue is imported from pivotal - Originaly created at Jun 14, 2018 by Joris Steyn](https://www.pivotaltracker.com/story/show/158356638)
See security aidit V4.5, the .htaccess file should not be…
-
Hello,
I'm trying to use OOD to connect to a custom HTTPS server using the reverse proxy feature.
While it works very well for unsecure web servers (HTTP), with the SSL layer I'm getting the follo…
-
**Describe the bug**
I am testing Authentik with LDAP federation using a TLS-only openLDAP. The LDAP server runs on Debian Bookworm with a normal TLS setup, a valid LE cert, TLS 1.2+, etc.
The A…
-
So I think a security vulnerability would be if a malicious website sent a request to localhost:port, as flask-desktop is connected to python that has a higher amount of user access(such as modifying …
-
The docs, and almost every Tornado code example on the internet adds handlers to an `Application` via the `handlers` argument to the constructor. That means the application accepts requests for any ho…
-
Package version (if known): v1.2.7 & current (2022-02-16) [InvenioRDM demo](https://inveniordm.web.cern.ch/) install
## Describe the bug
Posting to the REST api (e.g. https://inveniordm.web.cern.…
-
```
We're running on 64-bit Ubuntu with the following versions installed (as part
of the script):
eventlog_0.2.12.tar.gz
syslog-ng_3.2.2.tar.gz
elsa-0.1.1.tar.gz
We're trying to write a new parser…
-
### Finding Description
Your application is using `addJavascriptInterface()`. This may allow an attacker to execute arbitrary code on Android devices. The vulnerability is exploited by injecting Java…