MoonLord-LM issues

Results 5 issues of


                                            MoonLord-LM

【CVE】libbz2-a273e504.so.1.0.6 still has 2 CVE

**This issue seems to be still not fixed？** https://github.com/opencv/opencv-python/issues/659 libbz2-a273e504.so.1.0.6 has 2 CVE [CVE-2019-12900](https://nvd.nist.gov/vuln/detail/CVE-2019-12900) [CVE-2016-3189](https://nvd.nist.gov/vuln/detail/CVE-2016-3189) installation method: pip install opencv-python get opencv_python-4.5.5.64-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl

Add support for [chacha20-ietf-poly1305] and [xchacha20-ietf-poly1305]

https://crypto.stackexchange.com/questions/73220/which-version-of-chacha-is-more-secure https://www.google.com/search?ie=UTF-8&q=chacha20-ietf-poly1305 https://www.google.com/search?ie=UTF-8&q=xchacha20-ietf-poly1305

npm WARN deprecated @braintree/[email protected]: Potential XSS vulnerability patched in v6.0.0.

npm install -D "vuepress-plugin-mermaidjs" ``` npm WARN deprecated @braintree/[email protected]: Potential XSS vulnerability patched in v6.0.0. ``` The sanitize-url should be updated.

[Maximum file upload size] seems to be unused, right?

``` // Maximum file upload size // Increase the following values in php.ini to work properly // memory_limit, upload_max_filesize, post_max_size $max_upload_size_bytes = 5000; // max upload file size define('MAX_UPLOAD_SIZE', $max_upload_size_bytes);...

【XSS】Why the Safelist does not support [data:] type of image ?

such as: ``` ``` code: https://github.com/jhy/jsoup/blob/8b5d2ad19272b8b8265220ff0669518e9eb80734/src/main/java/org/jsoup/safety/Safelist.java#L138 Is there any xss example for this case ?