carrotsh
carrotsh copied to clipboard
AnnikaV9
A lightweight and secure remote access server that allows clients to connect through a browser.
**Severity: Low (At the moment)** ### The Issue The TOTP secret key generated by the server is stored as plaintext in login/2fa_key. While it is unlikely anyone who doesn't have...
Bumps [ws](https://github.com/websockets/ws) from 8.13.0 to 8.14.1. Release notes Sourced from ws's releases. 8.14.1 Bug fixes Improved the reliability of two tests for CITGM (fd3c64cb). 8.14.0 Features The WebSocket constructor now...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [pyotp](https://github.com/pyotp/pyotp) from 2.8.0 to 2.9.0. Release notes Sourced from pyotp's releases. v2.9.0 Add parse_uri() support for Steam TOTP (#153) Test and documentation improvements Changelog Sourced from pyotp's changelog. Changes...
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. Release notes Sourced from word-wrap's releases. 1.2.4 What's Changed Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24 🔒fix: CVE 2023 26115 (2) by @OlafConijn in...
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0 to 6.0.1. Changelog Sourced from pyyaml's changelog. 6.0.1 (2023-07-18) yaml/pyyaml#702 -- pin Cython build dep to < 3.0 Commits c42fa3b 6.0.1 release ae08bdc block Cython 3.0+...
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. Release notes Sourced from semver's releases. v5.7.2 5.7.2 (2023-07-10) Bug Fixes 2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys) Changelog Sourced from semver's...
Bumps [node-pty](https://github.com/microsoft/node-pty) from 0.10.1 to 1.0.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...