-
**Describe the bug**
Our security team is working on the automated detection of session vulnerabilities in open-source web applications, including CSRF. Our analyzer identified that the register funct…
-
Why can't dep-scan accept existing vulnerability data in VEX and other formats and prioritize it by understanding the application context? The key differentiation aspects of dep-scan are the CVE insig…
-
## CVE-2020-7788 - High Severity Vulnerability
Vulnerable Libraries - ini-1.3.5.tgz, ini-1.3.4.tgz
ini-1.3.5.tgz
An ini encoder/decoder for node
Library home page: https://registry.npmjs.org/ini/-…
-
Vulnerable Library - rtdip_sdk-0.6.1-py3-none-any.whl
Path to dependency file: /tmp/ws-ua_20240730130235_KVVOZT/cmd_NQQTWK/20240730131321/.ws-temp-MPQIJO-requirements.txt
Path to vulnerable library…
-
## CVE-2021-45710 - High Severity Vulnerability
Vulnerable Libraries - tokio-0.1.22.crate, tokio-0.2.24.crate
tokio-0.1.22.crate
An event-driven, non-blocking I/O platform for writing asynchronous…
-
## CVE-2016-4797 - Medium Severity Vulnerability
Vulnerable Library - openjpegv2.3.0
Official repository of the OpenJPEG project
Library home page: https://github.com/uclouvain/openjpeg.git
Found i…
-
Findings for Container Security, Medium, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Out-of-bounds Read
## Component Details
- **Exploit Maturity**: no-known-exploit
- **Vulnerable Packag…
-
1. Vulnerability affects product: onekeyadmin
2. Vulnerability affects version 1.3.9
3. Vulnerability type: file reading
4. Vulnerability Details:
Vulnerability location
Vulnerability occurs in
…
-
**Describe the solution you'd like**
Currently, we have a single table which lists all the vulnerabilities on an endpoint. We want to group by application, so we can get a list of vulnerable applica…
-
## CVE-2021-37137 - High Severity Vulnerability
Vulnerable Library - netty-codec-4.1.34.Final.jar
Netty is an asynchronous event-driven network application framework for
rapid development of mai…