-
We use [Renovate Bot](https://github.com/renovatebot/renovate) on our projects to detect dependency upgrades and vulnerabilities since Renovate adds OSV database check (https://osv.dev/blog/posts/re…
-
See how reliable and accessible this vulnerability database is
https://snyk.io/
https://github.com/snyk/snyk
-
Seems we are using spring beans version 5.2.10, which needs to be upgraded.
Details of the vulnerability attached below
Remote Code Execution
Affecting [org.springframework:spring-beans](https://secu…
-
## Title
Snyk vulnerabilities
## Description
- There are multiple Snyk vulnerabilities in dependencies used in Chatbot. Listed below
- Critical
- sequelize(SQL Injection): Introduced through…
-
**Describe the bug**
After fixing #3139 another error message with Snyk.io was shown. As quoted in that ticket:
> It looks like our handling of Snyk is correct, however not all listed Snyk finding…
-
When using https://app.snyk.io to monitor my project, Sprache displays some errors about security.
# Denial of Service (DoS)
Affected module: System.Net.Http@4.3.0
Introduced through: Sprache.Sig…
StefH updated
4 months ago
-
## Current behavior
- `snyk` dependency [is used](https://github.com/cfpb/cfgov-refresh/blob/master/package.json#L101) for running `npm run test`, however, this requires an authenticated snyk accou…
-
## Description
The goal of this change is to enhance the usability of Langfuse's Prompt Management feature. Currently, users can manage prompts via the UI, SDKs, and API to create, update, and rele…
-
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade electron-updater from 6.3.3 to 6.3.4.
:infor…
-
**Description: Inefficient Algorithmic Complexity**
Info: https://security.snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
Introduced through: flask@2.2.5
From: flask@2.2.5 > werkzeug@2.2.3
any …