-
I tried a bundle_audit:update and got:
Updating ruby-advisory-db ...
From https://github.com/rubysec/ruby-advisory-db
* branch master -> FETCH_HEAD
Updating be85e28..614dea0
error…
-
# Proposed New Idea/Feature (required)
Please provide a "Vendor Product File Format" for use on a vendor's website, to clearly publish past product vulnerabilities in a way that is easy to read and p…
-
Hi @JelteF
Hope you are well!
You had suggested a solution in this ticket. https://github.com/django-tenants/django-tenants/issues/447
It works well to an extent but we keep getting hit with Adv…
-
There are a number of places (excluding custom setups, certain licenses, etc) where explicitly disallowing certain values of certain fields from solver build plans could be useful, or, alternately, wa…
gbaz updated
6 months ago
-
Crate: rust-embed
Version: 5.9.0
Title: RustEmbed generated `get` method allows for directory traversal when reading files from disk
Date: 2021-11-29
ID: RUSTSEC-2021-0126
U…
-
I initially created the issue here https://github.com/microsoft/sbom-tool/issues/478, but it seemed to be the wrong repo.
Composer is a dependency manager for PHP: https://getcomposer.org/
It wo…
-
```
=== npm audit security report ===
# Run npm update elliptic --depth 5 to resolve 2 vulner…
```
-
```
Installing NPM dependencies...
audited 189227 packages in 6.24s
found 18 vulnerabilities (12 low, 6 high)
run `npm audit fix` to fix them, or `npm audit` for details
```
-
## User Story or Problem Statement
According to https://github.com/advisories/GHSA-qwcr-r2fm-qrc7/dependabot?query=user:department-of-veterans-affairs, there is a recent vulnerability in expressjs/bod…
-
Hi,
I was trying out cloning this repo and doing install locally, npm install indicated 99 vulnerabilities found.
Reporting issue - so this does not fall out of track. (**master** branch)
```…