-
# Lines of code
https://github.com/code-423n4/2022-11-size/blob/main/src/SizeSealed.sol#L131-L169
https://github.com/code-423n4/2022-11-size/blob/main/src/SizeSealed.sol#L404-L405
# Vulnerability d…
-
There is a security vulnerability in gopkg.in/yaml.v2: https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557
I found that in the turbot/steampipe project this is happening because of the …
-
As of today (July 22, 2022) there are a number of high and medium security vulnerabilities in the latest Shiny Server `1.5.18.987` released on April 20, 2022. Some of them can be traced to the custom …
-
There is a vulnerability with Newtonsoft.Json V 9.0.1 which this uses.
Can we please get an upgrade to Newtonsoft V 13.0.1 in the nuget package with the next release?
-
Description
===========
the current version of lz4(zlib v1.2.8:[CVE-2016-9840, CVE-2016-9842,CVE-2016-9843,CVE-2016-9841]) and openssl (v1.0.2r:CVE-2021-23840,v1.0.2o:CVE-2018-0732) has security le…
-
**Description**
We add a suppression when really needed but at some point the suppression may become unnecessary. For example the dependency is updated (often the issue is hidden in a transitive depe…
-
A high severity vulnerability in [JSON5](https://github.com/advisories/GHSA-9c47-m6qq-7p4h) was discovered.
`tsconfig-paths` relies on this package.
Fortunately, a [fix](https://github.com/divid…
-
Hello,
I have found a critial security vulnerability in CyberPanel that allows attackers easily compromise the server. I have sent an email containing detail of how to exploit this vulnerablity to …
-
I'm working on packaging serde for Fedora Linux, and I noticed that recent versions of serde_derive ship a precompiled binary now. This is problematic for us, since we cannot, under *no* circumstances…
-
**Describe the bug**
We have multiple suppressions for vulnerabilities raised by NPM Audit Analyzer. From time to time the same vulnerabilties show up again as new ones, so we suppress them again. La…