-
**Describe the bug**
We have multiple suppressions for vulnerabilities raised by NPM Audit Analyzer. From time to time the same vulnerabilities show up again as new ones, so we suppress them again. La…
-
Description
===========
The current version of lz4 (zlib v1.2.8: [CVE-2016-9840, CVE-2016-9842, CVE-2016-9843, CVE-2016-9841]) and openssl (v1.0.2r: CVE-2021-23840, v1.0.2o: CVE-2018-0732) has security le…
-
**Description**
We add a suppression when really needed but at some point the suppression may become unnecessary. For example the dependency is updated (often the issue is hidden in a transitive depe…
-
A high severity vulnerability in [JSON5](https://github.com/advisories/GHSA-9c47-m6qq-7p4h) was discovered.
`tsconfig-paths` relies on this package.
Fortunately, a [fix](https://github.com/divid…
-
***Issue migrated from Redmine: https://redmine.postgresql.org/issues/6337***
*Originally created by **Gaurav popalghat** at 2021-03-24 06:44:23 UTC.*
Login Page Brute forced which leads to account t…
-
Not sure if this is something that needs addressing in `pex`.. but I've put it up here for completeness.
Report excerpt:
> Explanation
The pip package is vulnerable to Improper Input Validation…
-
For the 2.35.2 release of git, there were some internal changes made to mitigate security vulnerabilities.[1]
For us this means that if someone has their kiss repositories owned by another user (let…
-
Hello,
I have found a critical security vulnerability in CyberPanel that allows attackers to easily compromise the server. I have sent an email containing detail of how to exploit this vulnerability to …
-
# Lines of code
https://github.com/code-423n4/2022-05-cudos/blob/main/solidity/contracts/Gravity.sol#L429
# Vulnerability details
Usually, the `messageDigest` includes the chain ID, so signatures …
-
It has been reported that FS (all versions) have an open-redirect vulnerability. This is due to a combination of FS not doing complete checking of whether a redirect URL is relative or absolute, and m…