-
## The dependency [core-js](https://github.com/zloirock/core-js) was updated from `3.4.3` to `3.4.4`.
🚨 [View failing branch](https://github.com/hisptz/90-90-90-cascade-graph-widget/compare/master..…
-
Hello
Your xmlrpc.php file is publicly available. It can lead to SSRF, admin panel brute-force, and DDoS attacks.
It's highly recommended not to make those sensitive endpoints public. I will mention …
-
Original report on H1 to the GitHub security team: https://hackerone.com/bugs?subject=user&report_id=689850
---
The GitHub Actions `downloadTool` API allows the download of tools over HTTP inste…
-
# [Github Externship](https://github-externships.github.io/externship/) Proposal
* Student ID: `#84086761`
* Application No: `21-05_Sha696_tfa_291`
* Mentors: `hendersa, Abhishek_, sakethr98, ppo…
-
## The devDependency [husky](https://github.com/typicode/husky) was updated from `3.0.9` to `3.1.0`.
🚨 [View failing branch](https://github.com/hisptz/integration-app/compare/develop...hisptz:greenk…
-
Vulnerable Library - chromedriver-2.35.0.tgz
ChromeDriver for Selenium
Library home page: https://registry.npmjs.org/chromedriver/-/chromedriver-2.35.0.tgz
Path to dependency file: /src/SignalR/clie…
-
How does one report security issues for image-rs projects?
What do you consider to be a security issue? Do you consider a panic when parsing an image to be a security issue?
My project would …
-
Vulnerability name: No email confirmation sent after signing up
When you register for a new account, there is no verification link sent to the email for confirmation. The account is directly activ…
-
Hi,
I'm using bimg in one of my projects to compress an image. I'm using the process function, but if the image is manipulated for a pixel flood attack, it is stuck there and gives a VIPS warning but n…
-
### How to use GitHub
* Please use the 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to show that you are affected by the same issue.
…