Srinivasan Raghavan
I was referring to the following link: https://github.com/raix/push/blob/master/docs/ADVANCED.md There is a mention of the following internal server API(s).
```
// Internal events
Push.addListener('token', function(currentToken, newToken) {
  // Token is { apn:...
```
Is the input to the EJS render method sanitized? Reference from EJS documentation: [Out-of-Scope Vulnerabilities](https://github.com/mde/ejs/blob/main/SECURITY.md#out-of-scope-vulnerabilities) Do we have to worry about this potential security issue?
Bump Microsoft.Extensions.Diagnostics.HealthChecks 6.0.9 to version Microsoft.Extensions.Diagnostics.HealthChecks/6.0.21. This will help remove vulnerabilities: CVE-2023-35391, CVE-2023-33170
https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
## What is missing or needs to be updated?
(https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html#defense-option-4-escaping-all-user-supplied-input) Defense Option 1 and Defense Option 2 are not enough to prevent SQL injection. In addition to option 1...
**Describe the bug**
CVE-2023-29331 is related to System.ServiceModel.Primitives 6.2.0 in the following manner:
nuget: System.ServiceModel.Primitives/6.2.0 refers - nuget: System.Security.Cryptography.Xml/6.0.1 refers - nuget: System.Security.Cryptography.Pkcs/6.0.1
https://github.com/dotnet/announcements/issues/257
CVE-2023-29331 - refers - nuget:...
Can the reporting plugin - TMPlatform_ReportingAddIn.msi and threat model Word template be added to [GitHub](https://github.com/simonec73/threatsmanager/releases)?
### Type
Documentation Issue Report
### What would you like to report?
ML08:2023 Model Skewing and ML10:2023 Model Poisoning look very similar. Is this correct that attack vectors and mitigations...
I saw this property on AWS S3 - Host dynamic content like server side scripts. Is this really required? Let me know what you feel. Got this back from...