-
**Describe the feature request**
Add support for route percent matching [aka runtime_fraction](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-f…
-
Introducing a new `loop` scope could be useful in some rules. For example:
```
rule:
meta:
name: enumerate PE sections
namespace: load-code/pe
author: "@Ana06"
scope: func…
Ana06 updated
3 years ago
-
Host Header Injection: By capture the POST request for a password reset sent
to https://cpmr.tacc.utexas.edu/reset, a malicious user can edit the Host
entry in the header. This will modify the p…
-
### Issue
https://craft-test.online/9658/index.php/publicknowledge/en/invitation/accept?id=4&key=biSQvg
### Current findings
- Reproducible for non-installed systems, when you use an older config.…
-
### Is your feature request related to a problem? Please describe.
## Problem Statement:
### Rate Limiting
Without rate limiting, the server is vulnerable to abuse, such as brute-force attacks, b…
-
Vulnerable Library - aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Async http client/server framework (asyncio)
Library home page: https://files.pythonhosted.org/packages/7…
-
### Link to the code that reproduces this issue
https://codesandbox.io/p/sandbox/next-js-forked-slktwp
### To Reproduce
When start my application, my header is visible in the browser. This is causi…
-
There used to be a metadata view for both MEI and TEI files that would parse the header to a human-readable HTML page. Currently, this view is deactivated (commented out) in the code. I think nothing …
-
Hi, I have a question related to the automatic injection of tracing headers.
I am using Apache HTTP client and I noticed trace agent automatically adds these headers:
```
X-Datadog-Parent-Id: 9…
-
DMVC already has middleware for CORS and general Security Headers.
There is also a set of standards around Content Security Policy (CSP), designed to help detect and mitigate certain types of attac…