bangkotak issues

Results 4 issues of


                                            bangkotak

Update Patched Fix `openssl` `X509StoreRef::objects` is unsound

This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back. Use of this function should...

Update Patched Fix protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON

## Descriptions : The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a...

Update Patched Fix follow-redirects' Proxy-Authorization header kept across host

The project used `worldcoin/world-id-state-bridge` using axios, its dependency follow-redirects only clears authorization header during cross-domain redirect, but allows the proxy-authentication header which contains credentials too. ## Steps To Reproduce &...

Update Patched Fix TemporaryFolder on unix-like systems does not limit access to created files

## Summary: The JUnit4 test rule `TemporaryFolder` contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because...