Jörmungandrk

Results 88 issues of Jörmungandrk

https://github.com/octodevark/mujoco/blob/caaf7b3a69d674c98572c0244dce1081abe49ca1/src/engine/engine_util_solve.c#L1391-L1411 To fix the issue, the return value of `snprintf` should be checked to ensure it does not exceed the remaining buffer size (`logsz-logptr`). If the return value is negative or greater...

https://github.com/OpenMage/magento-lts/blob/591aedbf65df5680b8a59edb94e9309cf06d9456/js/prototype/prototype.js#L624-L624 To fix the problem, ensure that all instances of the targeted patterns are removed, even if they appear consecutively or in a nested manner. One effective way to achieve this...

https://github.com/microsoft/GraphEngine/blob/e3c0e1946d5a49612ac394593de8145594efbdc5/src/Trinity.C/src/Storage/MemoryTrunk/MemoryTrunk.DefragTwoRegion.cpp#L43-L43 To fix the issue, the result of the subtraction `hole_right_offset - _bwd_cell_offset - _bwd_cell_size` should be cast to a signed type (e.g., `int64_t`) before performing the comparison. This ensures that...

https://github.com/mozilla/addons-frontend/blob/1cd93c99caaf3bb1c6228b3d63c3b62755d323ac/bin/create-locales#L15-L15 https://github.com/mozilla/addons-frontend/blob/1cd93c99caaf3bb1c6228b3d63c3b62755d323ac/bin/create-locales#L37-L38 To fix the issue, we will replace the use of `shell.exec` with a safer alternative that avoids shell interpretation of dynamic values. Specifically, we will use `child_process.execFileSync`, which allows...

https://github.com/HubSpot/Singularity/blob/15688f486fc9286878eff40b51789c88bd6899d5/SingularityService/src/main/java/com/hubspot/singularity/auth/datastore/SingularityLDAPDatastore.java#L161-L161 To fix the issue, we need to ensure that the `user` input is properly sanitized before being used in the LDAP query. The best approach is to use a library...

https://github.com/logdna/logdna-agent/blob/2313b15a8223905bbf69860ecd61eda79a866168/index.js#L279-L279 Constructing a regular expression with unsanitized user input is dangerous as a malicious user may be able to modify the meaning of the expression. In particular, such a user...

fix vulnerable in #247 To fix the problem, we need to sanitize the user input before using it to construct the regular expression. The best way to do this is...

Some regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length n is proportional to...

https://github.com/okx/exchain/blob/1f43bef3e9cfdfe5d3bb4fcb968e067db0e4b623/app/start_from_snapshot.go#L136-L136 To fix the issue, we need to validate the `header.Name` field to ensure it does not contain directory traversal sequences (`..`) or absolute paths. This can be achieved by: 1. Using...

https://github.com/FasterXML/jackson-core/blob/6affde88dd3820b8c2eeb8700ae24b75651c8fcd/src/main/java/com/fasterxml/jackson/core/io/schubfach/FloatToDecimal.java#L408-L408 https://github.com/FasterXML/jackson-core/blob/6affde88dd3820b8c2eeb8700ae24b75651c8fcd/src/main/java/com/fasterxml/jackson/core/io/schubfach/FloatToDecimal.java#L415-L415 https://github.com/FasterXML/jackson-core/blob/6affde88dd3820b8c2eeb8700ae24b75651c8fcd/src/main/java/com/fasterxml/jackson/core/io/schubfach/FloatToDecimal.java#L426-L426 https://github.com/FasterXML/jackson-core/blob/6affde88dd3820b8c2eeb8700ae24b75651c8fcd/src/main/java/com/fasterxml/jackson/core/io/schubfach/FloatToDecimal.java#L440-L440 To fix the issue, we need to ensure that the type of the left-hand side (`f`) is at least as wide as the type of the right-hand side...