issues Search Results · language:Dune language:Python language:JavaScript linked:pr language:Java language:Java linked:pr
Filter by
5.9M results
Summary
deploy/docker-compose/docker-compose.yml ships well-known insecure default credentials (Keycloak admin/admin and the
wanaku-service OIDC client secret mypasswd) with no warning that the file is ...
security
oscerd
Summary
Several GitHub Actions workflows declare no permissions: block, so the automatically-provided GITHUB_TOKEN inherits the
repository/organization default scope (often read-write). pr-builds.yml ...
security
Summary
The Kubernetes operator s own Deployment runs without a hardened securityContext: no runAsNonRoot, no seccomp profile,
all Linux capabilities retained, and allowPrivilegeEscalation defaulting ...
security
Summary
Router HTTP authorization is driven entirely by quarkus.http.auth.permission.* path rules. The code-execution
(/api/v2/code-execution-engine), tool-calls (/api/v2/tool-calls) and LLM chat (/api/v1/chat) ...
security
Summary
The Wanaku CLI writes authentication credentials — including the access token and the long-lived refresh token — to
~/.wanaku/credentials using default file permissions. With a typical Linux umask ...
security
Target artifact
GET /post/ int:id (and POST /post/ int:id /comment)
Attack class
input-validation
Discovery method
white-box (source-assisted)
Property violated
P3: Input discipline
Steps to reproduce ...
3rivers-ai
Target artifact
POST /upload then GET /files/ name ?raw=1
Attack class
xss
Discovery method
white-box (source-assisted)
Property violated
P5: Authorization output safety
Steps to reproduce
1. ...
Target artifact
GET /files/ name (e.g. /files/admin_secret.txt, and ?raw=1)
Attack class
idor-authz
Discovery method
white-box (source-assisted)
Property violated
P1: Confidentiality
Steps to reproduce ...
Target artifact
POST /upload (multipart filename)
Attack class
path-traversal
Discovery method
white-box (source-assisted)
Property violated
P4: No injection / code execution
Steps to reproduce ...
배경
모바일에서 역 검색, 이동 프로필, 시설 정보는 확인할 수 있지만 실제로 “갈 수 있는 길”을 계산하는 백엔드 경로 검색 API가 아직 없습니다. 접근성 이동 도우미의 핵심 흐름을 만들려면 출발역과 도착역, 이동
유형을 받아 경로 후보와 경고를 반환하는 최소 경로 검색 기준선이 필요합니다.
작업 범위
- POST /api/v1/routes/search로 ...
AquilaXk
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.