Kaixuan Li

icon indicating a website link https://kaixuanli-ecnu.github.io/ icon indicating an email [email protected]

icon location Singapore icon location Research fellow at Nanyang Technological University.

Results 17 comments of Kaixuan Li

[GHSA-5wqf-h3r3-gxvh] Uncontrolled Resource Consumption in Apache CXF

Hi bro. did you notice that the commit msg is same with the existing patch commit for this cve? the patch I updated is for v3.0.0, and the current patch...

[GHSA-898j-5cc8-cmf5] Moderate severity vulnerability that affects org.apache.storm:storm-core

Hi, you can see the root cause of this CVE on the NVD or CVE website. and the commit msgs and code diff of these commits show their intention for...

[GHSA-jcp9-796g-pv9p] Missing Cryptographic Step in OWASP Enterprise Security API for Java

@darakian , hi, I wonder what additional information or format you want? :( it seems the commit msg explicitly claims it fixed the issue 306 https://github.com/ESAPI/esapi-java-legacy/issues/306. the issue is also...

Is Securify2 supported by SmartBugs now?

Ok, I got it~ Maybe the `README.md` is confusing. hhh ![image](https://user-images.githubusercontent.com/38575222/220095538-e5383db1-89af-4f8e-8284-a1d94ef29c0f.png) Anyway, thanks for your kind reply and advice!

Is Securify2 supported by SmartBugs now?

Oh, I made a mistake for it. So sorry! Hhh Thanks!

[False-Positive]: Incorrect `block.timestamp` Flagging

Hi, @smonicas, thanks for your prompt response. I really appreciate the explanation! I understand now that this false positive occurs due to Slither's current field-insensitive analysis when handling structs, where...

[GHSA-c438-8cvq-pxxx] Apache Tapestry Unsafe Object Storage

Hello @shelbyc, Sorry for the delayed reply. I appreciate your perspective on this issue and understand the concern regarding duplicate references. However, I believe the commit apache/tapestry-5@95846b1, though appearing similar,...