Security – Njalla

BTC

—

—

ETH

—

—

SOL

—

—

BNB

—

—

GOLD

—

—

XRP

—

—

DOGE

—

—

ADA

—

—

Security 76 articles

Which messaging app takes the most limited approach to permissions on Android?

[HIGH] Security Advisory: Antrea has Missing Encryption of Sensitive Data (antrea.io/antrea, antrea.io/antrea, antrea.io/antrea)

[LOW] Security Advisory: Signal K Server: Arbitrary Prototype Read via `from` Field Bypass (signalk-server)

[CRITICAL] Security Advisory: fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup) (fast-jwt)

[CRITICAL] Security Advisory: goshs: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) in goshs POST multipart upload (github.com/patrickhener/goshs)

[MEDIUM] Security Advisory: DOMPurify ADD_ATTR predicate skips URI validation (dompurify)

[HIGH] Security Advisory: Kedro: Path Traversal in versioned dataset loading via unsanitized version string (kedro)

[HIGH] Security Advisory: OpenSTAManager: SQL Injection via Aggiornamenti Module (devcode-it/openstamanager)

[CRITICAL] Security Advisory: Kedro has Arbitrary Code Execution via Malicious Logging Configuration (kedro)

[HIGH] Security Advisory: Ajenti has an authorization bypass during custom package installation (ajenti-panel)

[MEDIUM] Security Advisory: OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode (openclaw)

[MEDIUM] Security Advisory: OpenClaw: Host exec environment overrides miss proxy, TLS, Docker, and Git TLS controls (openclaw)