is:issue state:open
Search results
All issues listed are in cdk8s-team/cdk8s-cli, have status Open, and carry the labels needs-triage (Priority and effort undetermined yet) and priority/p0 (Needs to be addressed immediately).

#3988 [MEDIUM] JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases
#3891 [MEDIUM] uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided
#3878 [MEDIUM] follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
#3866 [MEDIUM] lodash vulnerable to Prototype Pollution via array path bypass in _.unset and _.omit
#3865 [HIGH] lodash vulnerable to Code Injection via _.template imports key names
#3860 [MEDIUM] Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry
#3861 [LOW] Handlebars.js has a Property Access Validation Bypass in container.lookup
#3855 [CRITICAL] Handlebars.js has JavaScript Injection via AST Type Confusion
#3853 [HIGH] Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial
#3852 [HIGH] Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options
#3854 [HIGH] Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block
#3849 [MEDIUM] Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection