Jörmungandrk
https://github.com/h2oai/h2o-3/blob/e6a314be0804d41a70deff25ab4e924e7e1b6669/h2o-extensions/xgboost/src/main/java/hex/tree/xgboost/remote/RemoteXGBoostUploadServlet.java#L27-L27 https://github.com/h2oai/h2o-3/blob/e6a314be0804d41a70deff25ab4e924e7e1b6669/h2o-extensions/xgboost/src/main/java/hex/tree/xgboost/remote/RemoteXGBoostUploadServlet.java#L22-L30 --- Accessing paths controlled by users can allow an attacker to access unexpected resources. This can result in sensitive information being revealed or deleted, or an attacker being...
https://github.com/h2oai/h2o-3/blob/e6a314be0804d41a70deff25ab4e924e7e1b6669/h2o-core/src/main/java/water/api/KillMinus3Handler.java#L33-L33 Code that builds a command line by concatenating strings that have been entered by a user allows the user to execute malicious code. In the following `latlonCoords` contains a...
https://github.com/discourse/discourse/blob/fb7fa2902cf685ee9d4002e5448b4817f2dbef98/app/controllers/tag_groups_controller.rb#L52-L52 Operations that allow for mass assignment (setting multiple attributes of an object using a hash), such as `ActiveRecord::Base.new`, should take care not to allow arbitrary parameters to be set...
https://github.com/discourse/discourse/blob/a19c45fdc0375f4e8ed1ee774aa7a229b0660973/app/controllers/admin/site_settings_controller.rb#L73-L73 To fix the problem, we need to ensure that the `id` parameter is properly validated and sanitized before being used in the `public_send` method. One way to achieve this...
https://github.com/buzzfeed/sso/blob/549155a64d6c5f8916ed909cfa4e340734056284/internal/auth/authenticator.go#L430-L430 To fix the problem, validate the `redirectURI` to ensure it is a local URL and does not redirect to a different host. This can be done by parsing the...
https://github.com/segmentio/analytics-next/blob/80ef0bee716ee616ce9369da946be2999f3fe3a4/packages/browser/scripts/vendor/run.js#L6-L12 To fix the issue, replace the use of `execSync` with `execFileSync` and pass the command arguments separately. This approach avoids shell interpretation of the dynamically constructed command string. Specifically:...
https://github.com/motioneye-project/motioneye/blob/5158ddc8fb3d9925f11d078ae55654864a28edd0/motioneye/controls/v4l2ctl.py#L98-L98 https://github.com/motioneye-project/motioneye/blob/5158ddc8fb3d9925f11d078ae55654864a28edd0/motioneye/utils/__init__.py#L664-L664 To fix the issue, we need to ensure that user-provided input is sanitized or validated before being passed to `subprocess.run`. The best approach is to implement an allowlist of acceptable...
https://github.com/gnuradio/gnuradio/blob/f7628889f6f3fe0b8016b78ea0b2b1adc71dd260/gr-blocks/lib/file_meta_sink_impl.cc#L162-L173 https://github.com/gnuradio/gnuradio/blob/f7628889f6f3fe0b8016b78ea0b2b1adc71dd260/gr-blocks/lib/file_meta_source_impl.cc#L274-L279 This rule finds comparisons of a pointer to null that occur after a reference of that pointer. It's likely either the check is not required and can be...
To fix the problem, we need to ensure that the size computation does not overflow. This can be achieved by validating the size of `hll.SparseData` before performing the arithmetic operation. Specifically, we...
https://github.com/GoogleChrome/workbox/blob/e26d8d7507f9412ba029922f3d9920e68710f2cf/demos/src/workbox-window/updateServer.js#L20-L20 https://github.com/GoogleChrome/workbox/blob/e26d8d7507f9412ba029922f3d9920e68710f2cf/demos/src/workbox-window/updateServer.js#L32-L35 To fix the issue, the code should avoid interpolating untrusted user input directly into a shell command. Instead, use safer alternatives such as `execFileSync`, which accepts arguments as an...