-
## CVE-2024-7971 - High Severity Vulnerability
Vulnerable Libraries - v88.3.47, v88.3.47, v88.3.47
Vulnerability Details
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allo…
-
I feel like this is an important point that your POC potentially proves. This vulnerability should not be labeled RCE if there is no possibility to execute code with a payload (i.e. get a shell to the…
-
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
> [!WARNING]
These dependencies …
-
**Project Details:**
We currently perform only a code quality check on Coverage using SonarCloud.
Code security is an important aspect using which we will be able to identify security issues an…
-
After running the npm audit, the report shows 2 high-security vulnerabilities for version 3.1.6 of ejs that gluegun depends on. It requires version ^3.1.7
npm audit report
ejs =0.3.0
Depends…
-
I have identified a security vulnerability on this project, but the project does not have a defined security policy. Could someone provide information about how to safely disclose the vulnerability?
-
## CVE-2024-8387 - Critical Severity Vulnerability
Vulnerable Library - icecaticecat-60.3.0-gnu1
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/icecat?wsslib=icecat
Found in HEAD comm…
-
## CVE-2022-25871 - High Severity Vulnerability
Vulnerable Library - querymen-2.1.4.tgz
Querystring parser middleware for MongoDB, Express and Nodejs
Library home page: https://registry.npmjs.org/qu…
-
The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
The actual depe…
-
Automated security vulnerability audit tools complain about outdated versions of terser:
https://github.com/advisories/GHSA-4wf5-vphf-c2xc