-
# Lines of code
https://github.com/code-423n4/2024-06-vultisig/blob/main/src/base/ILOVest.sol#L43
# Vulnerability details
## Impact
Stakeholders can bypass the vesting invariant and withdraw toke…
-
I'm using jtidy-1.0.4 still facing CVE-2023-34623 issue.
The dependency I'm using:
com.github.jtidy
jtidy
1.0.4
The owasp dependency-check version I'm using is 8.3.1. @haumach…
-
**Describe the bug**
CISA has reported the log4j vulnerability here:
https://www.cisa.gov/news-events/news/apache-log4j-vulnerability-guidance
> CISA and its partners, through the [Joint Cyber D…
-
Dear harbor team,
I want to get help from you that, if we delete an artifact(docker image), will the data associated with it also be deleted?
for example, the vulnerability data, audit logs.
…
-
### Clear and concise description of the problem
The config of `html-minifier` is hard-encoded in source file.
We should expose them.
### Suggested solution
Expose both of prettier and html-mini…
-
Dear author, how can I report a security issue for you, just paste the details here or send it to you by email? Additionally, would you mind applying a CVE serial number for me after that? Thank you:…
-
A [recent blog post](https://blog.jupyter.org/cve-2021-32797-and-cve-2021-32798-remote-code-execution-in-jupyterlab-and-jupyter-notebook-a70fae0d3239) described two mailing lists relating to security:…
-
### Current Behavior
At present, when uploading SBOMs for an Amazon Linux 2023 based AMI, the AMI is reported as "not vulnerable" because the SBOM contains packages prefixed with `amzn` (or similar…
-
```yaml
{
"id": 452,
"title": "RVD#452: DDS cryptographic plugin, MD-5 vulnerable to pre-image attacks",
"type": "bug",
"description": "The use of MD-5 as stated in the standard for k…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0x301f2aa465bc5205e1d38f7d64769bc92a3ca07464f32503718d3f282577bbfd
**Severity:** high
**Description:**
**Description*…