issues Search Results · language:Dune language:Python language:Java language:Java language:JavaScript language:Python
Hi @Tasoskourouniadis
Thank you for open-sourcing this repository! Your original Java implementation was a fantastic reference for me. I
wanted to give you a quick heads-up that I’ve spent the last ...
🟡 MEDIUM — Server-Side Request Forgery (SSRF) risk at ECS Container Platform server-side web-requesting the target AWS ECR Container Registry via Pull Images from ECR
| Field | Value |
| --- | --- |
| ...
security
severity: medium
threagile:server-side-request-forgery@ecs-4ba4a37f
threat-model
Problem
The audit trail pages — validator audit log (/dashboard/validator/audit) and admin system audit — have styling that is
inconsistent with other dashboard pages. They lack the standard WIMS-BFP card ...
enhancement
ready-for-agent
🟠 HIGH — Server-Side Request Forgery (SSRF) risk at Lambda Email Notifier server-side web-requesting the target AWS SES via SES Email Send
| Field | Value |
| --- | --- |
| Adjusted Score | 7.25/10 | ...
security
severity: high
threagile:server-side-request-forgery@lam-18fc0036
threat-model
Target Project: Lavalamp
Task Type: maintenance_build
Goal: build firmware artifact containing CY Tidal Bloom from existing runner worktrees.
Use base: /home/agent/agent-dev/worktrees/lavalamp/issue-731/firmware/WLED ...
risk:yellow
runner:ready
target:lavalamp
🟠 HIGH — Server-Side Request Forgery (SSRF) risk at API Server server-side web-requesting the target MinIO Object Storage via MinIO File Storage
| Field | Value |
| --- | --- |
| Adjusted Score | 7.25/10 ...
security
severity: high
threagile:server-side-request-forgery@api-f3c5fec9
threat-model
🔴 CRITICAL — Exposed Default Credentials: MinIO Object Storage is tagged as intentional-misconfiguration and stores confidential data
| Field | Value |
| --- | --- |
| Adjusted Score | 9.25/10 |
| Category ...
security
severity: critical
threagile:exposed-default-credentials@min-723202b5
threat-model
Parent Issue
Related to #62
Parent Issue:
DEA Plus Phase 2-3 and later: question schema extension and question data expansion plan
https://github.com/yuyuyu0706/quiz-practice/issues/62
Issue type
Design cleanup / Documentation / per-PR issue
Suggested labels
dea-quiz-app-plus
phase-2 ...
🟠 HIGH — Unencrypted Communication named HTTP to API Server between Nginx Reverse Proxy and API Server
| Field | Value |
| --- | --- |
| Adjusted Score | 7.25/10 |
| Category | unencrypted-communication ...
security
severity: high
threagile:unencrypted-communication@nginx-a9de6408
threat-model
Summary
Create scripts/retail_vuln_scanner.py — a web application vulnerability scanner for retail sites, with 13 checks
covering passive reconnaissance and active (detection-only) testing.
Checks
Passive ...
enhancement
