-
Continued from #343.
#### Notes
Please check the open issues for an area to contribute. `bukuserver` has several open features requests.
The list below is a growing one. While suggesting new …
jarun updated
2 weeks ago
-
## The devDependency [coveralls](https://github.com/nickmerwin/node-coveralls) was updated from `3.0.8` to `3.0.9`.
🚨 [View failing branch](https://github.com/rxreact/signal-connect/compare/master..…
-
Edit: moved from issue title to body for hyperlink: https://snyk.io/research/zip-slip-vulnerability
---
The u-root project has several programs that unarchive files -- cpio, tar, zip, etc.
A…
-
## The devDependency [coveralls](https://github.com/nickmerwin/node-coveralls) was updated from `3.0.7` to `3.0.8`.
🚨 [View failing branch](https://github.com/perflint/perflint/compare/master...perf…
-
VULNERABILITY ANALYSIS RESULTS:
DockerHub External Image: confluentinc/cp-schema-registry:5.4.0
[Vulnerability 01]
TITLE: [linux] libgcrypt20 - CVE-2019-13627:
pkg: libgcrypt20: 1.6.3-2+deb8…
-
## Version **3.0.1** of [coveralls](https://github.com/nickmerwin/node-coveralls) was just published.
Branch
Build failing 🚨
Dependency
…
-
**Describe the bug**
When analyzing projects with a yarn.lock file:
"java.util.NoSuchElementException: No value present" occurs at "org.owasp.dependencycheck.analyzer.YarnAuditAnalyzer.fetchYarnAudi…
-
### Module
Core
### Proposal
Introduced: 19 Feb 2024
reference: https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-6254296
Overview
org.apache.commons:commons-compress is an API for work…
-
```
$ cat shellrc
/bin/id
$ ./evilarc.py -f evil.tar.gz -o unix -p etc shellrc
Creating evil.tar.gz containing ../../../../../../../../etc/shellrc
```
* Output of `pyinstaller --version`: ```(4.5.1)```
* Version of Python: Python 3.9.7
* Platform: OSX -> target…