issues Search Results · language:Dune language:JavaScript language:JavaScript language:Java language:HTML language:Java
Filter by
39.9M results
🐰 CodeRabbit Ralph Loop — Auto-Scan
Modul: paperclip Scan: 2026-06-26T13:10:16.253Z Findings: 1
| Check | Kategorie | Problem |
| :-- | :-- | :-- |
| A08 | Struktur | Version Meta fehlt |
🤖 Auto-created ...
auto-created
coderabbit
pf:mittel
ralph-loop
github-actions[bot]
stefanymontero2121Context
The Counterfact mock images published from the two Semrush client packages — spacecat-shared-project-engine-client-mock
and spacecat-shared-user-manager-client-mock — are now consumed for API-level ...
rainer-friederich
The bug
packages/vike-push/web-push.js:112: the single-record size guard is if (record.length RECORD_SIZE) throw, but record is
the plaintext (payload + 1 delimiter byte); the emitted ciphertext is record.length ...
bug
priority: low
suleimansh
Good morning/day/afternoon,
While working with WhatsApp, I noticed a case. From time to time user s LID can change spontaneously, and WA works it
out with a message: This phone number is connected to ...
kennyromanov
Two fail-open defaults in vike-auth (both clear bugs, likely one PR).
1. Session cookie Secure flag off unless NODE_ENV is exactly production
vike-middleware.js:10 (dev: process.env.NODE_ENV !== production ...
bug
priority: medium
security
Two upload-path hardening gaps in vike-storage (same middleware as the stored-XSS issue, separable fixes).
1. Unsanitized user-controlled key forwarded to the provider (provider-dependent path traversal) ...
bug
priority: medium
This website impersonates Ledger and mimics the official Ledger Live support/download pages in an attempt to deceive
cryptocurrency users.
The page uses Ledger branding without authorization and is designed ...
abaev020-svg
The bug
The GET /uploads/:key endpoint serves stored bytes with Content-Type: obj.meta?.mime
(packages/vike-storage/middleware.js:56, index.js:101-103), where mime is the browser-supplied file.type from ...
bug
priority: high
security
The bug
Sensitive fields are serialized verbatim into the durable queue jobs payload (JSON.stringify(payload) at
packages/vike-queue/database.js:37), where they persist at rest after delivery and survive ...
bug
priority: medium
security
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.