-
### Issue description
Please fix the high Checkmarx security vulnerability in typeorm
### Expected Behavior
No security vulnerabilities are reported by Checkmarx in typeorm
### Actual Behavior
typeor…
-
Hello,
I'm using serve-static in my project and I noticed that it depends on the send package version 0.18.0, which has a known security vulnerability (see [CVE-2024-43799](https://github.com/advis…
-
The API for a vulnerability returns a score like this:
```JSON
{
"reference_url": "https://github.com/log4js-node/streamroller/pull/87",
"reference_id": "",
…
```
-
**Checklist**
- Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image?
- No
- Are you sure you're not using someone else's docker image?
- Yes
- Have yo…
-
#### Issue Description
Note: This is a rewrite of the original issue, separating concerns related to CORS and a potential DoS attack vector, now located at https://github.com/siv-org/siv/issues/205…
-
More details still needed for proper investigation.
Some background on a big attack that took place in 2010: [arstechnica.com/information-technology/2010/11/how-china-swallowed-15-of-net-traffic-fo…
-
**Describe the problem**
When I ran Trivy security scan on the docker images, I found quite a few security vulnerabilities.
**To Reproduce**
1. Install Trivy
sudo apt-get install wget apt-t…
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.8.0-12 | Wazuh Vulnerability Detection | Agent | Vulnerability Detection | Ubuntu 22.04.4 |
Wazuh 4.8.0 ad…
-
### What is your question?
When creating EKS or AKS clusters, we often include various platform managing applications such as ArgoCD, secret operators, or ingress controllers like NGINX/Kong, which…
-
## Proposal
**Use case. Why is this important?**
Currently the Makefile pipes a download from curl directly to tar without verifying checksums.
This makes the build vulnerable to man in the middle…