👑 Easy-to-use and powerful NLP and LLM library with 🤗 Awesome model zoo, supporting wide-range of NLP tasks from research to industrial applications, including 🗂Text Classification, 🔍 Neural Search, ❓ Question Answering, ℹ️ Information Extraction, 📄 Document Intelligence, 💌 Sentiment Analysis etc.
I'm a Cybersecurity researcher developing PackjGuard [1]. Our tool has detected a dependency confusion vulnerability in this repository. In order for me to disclose it, kindly enable GitHub Private vulnerability reporting, which allows security research to responsibly disclose a security vulnerability.
Thanks!
PackjGuard is a Github app that monitors repos for malicious, vulnerable, abandoned, and other "risky" dependencies and mitigates attacks by creating pull requests for automatic remediation https://github.com/marketplace/packjguard
问题描述
Hi,
I'm a Cybersecurity researcher developing PackjGuard [1]. Our tool has detected a dependency confusion vulnerability in this repository. In order for me to disclose it, kindly enable GitHub Private vulnerability reporting, which allows security research to responsibly disclose a security vulnerability.
Thanks!
PackjGuard is a Github app that monitors repos for malicious, vulnerable, abandoned, and other "risky" dependencies and mitigates attacks by creating pull requests for automatic remediation https://github.com/marketplace/packjguard