-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
### 🐛 Describe the bug
`torch.linalg.eigh` crashes if the model is compiled into an AOTInductor model and used from the C++ side. The example python code is attached as follows:
```python
import os…
```
-
There is a vulnerability that is introduced by using package webpack-inject-plugin.
See an alternative solution https://github.com/adierkens/webpack-inject-plugin/issues/66 to remove that vulnerabi…
-
The customer does not want to communicate "issues" to their users in a way that provides no action for them and they do not want "issues" to be flagged to an end user where they're not explicitly in c…
-
## CVE-2024-7652 - High Severity Vulnerability
Vulnerable Library - mongor5.0.0-rc5
The MongoDB Database
Library home page: https://github.com/mongodb/mongo.git
Found in HEAD commit: 60ef70ebd8d46f…
-
Good day,
This was brought up by our security team by one of their scans. I told them I would bring this up to you.
**Cookie Session vulnerabilities:**
1) Clear Text (missing value=secu…
-
Vulnerable Library - bootstrap-3.3.7.jar
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /webwolf/pom.xml,/webgoat-in…
-
## Goal
As a user looking at a software vulnerability, I want to clearly see if the package actually has a higher version available.
> From Vanta: (heuristically is fine) In our experience, t…
-
### 🐛 Describe the bug
Not a bug, just a UserWarning which is ignorable. I'm merely doing as instructed in the warning, that is reporting it as an issue here. Searching past issues didn't find th…
-
This is a time-boxed (~2 points) effort to do bullet number 2 of https://github.com/fleetdm/fleet/issues/21233.
Go tests we can split to a separate job (I'm all ears):
- Migration tests (`server/d…