-
## As a question
Is it safe to automatically run language servers and tree sitter on arbitrary files? Sometimes I just want to view files without executing code in any way, especially when viewing…
-
### Current Behavior
When downloading the SBOM (with the vulnerabilities) for a project having a dependency on pkg:maven/org.apache.camel/camel-support@4.3.0, the GHSA-qpxm-689r-3849 is not returned.…
-
See details at: https://github.com/casdoor/casdoor/blob/master/SECURITY.md
-
We are doing some work at the summit on security best practices and vulnerability disclosure came up. So we'll add it as SPEC 11. Here's the scope for the spec:
- Security policy (What should inclu…
-
Description from Penetration Testing:
Application browser may store a local cached copy of content received from web servers including sensitive content accessed via HTTPS. Sensitive information in th…
-
### Is this the right place to submit this?
- [X] This is not a security vulnerability or a crashing bug
- [X] This is not a question about how to use Istio
### Bug Description
[This line](https://…
-
### Current Behavior
Our pipelines are failing due to the [vulnerability](https://nvd.nist.gov/vuln/detail/CVE-2024-45296) issue caused by the library path-to-regexp
![Screenshot 2024-09-10 at 17 …
-
Dear Team Members:
Greetings! Our team is very interested in your project. We performed source code perspective security analysis (SCA) and vulnerability library association analysis on this project …
-
As per https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/, multiple critical and high CVEs were reported to Gogs maintainers in April 2023 but have not…
k3an3 updated
2 months ago
-
### How frequently does the bug occur?
All the time
### Description
After installing realm with my Electron app using `npm install realm --save` it says there are 11 moderate severity vulnerabilities…