Comments (1)
pkfec
commented on August 18, 2024
Note: The following issues were logged based off snyk cli in addition to snyk dashboard.
FEC-CMS: 7
package.json: 2 (do not show up in snyk cli)
[Snyk: Med - Information Exposure] (fecgov/fec-cms#6307)
[Snyk: High - Watchify] (fecgov/fec-cms#6321)
requirements.txt: 5
[Snyk Medium - [email protected] Regular Expression Denial of Service (ReDoS)] (fecgov/fec-cms#6268)
[Snyk Medium - requests@[email protected] Always-Incorrect Control Flow Implementation] (fecgov/fec-cms#6285)
[Snyk Medium - [email protected] Cross-site Scripting (XSS)] (fecgov/fec-cms#6250)
[Snyk Medium - [email protected] Regular Expression Denial of Service (ReDoS)] (fecgov/fec-cms#6269)
[Snyk Medium - [email protected] Improper Removal of Sensitive Information Before Storage or Transfer] -(fecgov/fec-cms#6343)
OpenFEC: 4
flyway: 1
[Snyk Medium - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')] -#5878
package.json: 0
requirements.txt: 2
[Snyk Low - Flask-cors Log Injection LOCUST ] - #5807
[Snyk Medium - requests Always-Incorrect Control Flow Implementation] - (#5845)
[Snyk Medium - [email protected] Improper Removal of Sensitive Information Before Storage or Transfer] -(#5877)
Pattern-Library: 1
[Snyk - [email protected] Medium Template Injection] (fecgov/fec-pattern-library#223)
Search logs:
No "User changes" found in the past week.
Deployer accounts from cloud.gov dashboard: 10
from openfec.
Related Issues (20)
- [Snyk:Medium] async Regular Expression Denial of Service (due on 09/3/2024) HOT 1
- [Snyk:Medium] zipp Infinite loop (Due 09/07/2024) HOT 1
- RAD wants disbursement date in schedule E HOT 2
- [Snyk: High] setuptools Improper Control of Generation of Code ('Code Injection')(Due 8/16/2024)
- Check logs Sprint 25.6 Week 1 HOT 1
- Check logs Sprint 25.6 Week 2 HOT 1
- Discrepancy between Bulk Data files and committee top-lines HOT 8
- [Snyk: Medium] Insufficient Verification of Data Authenticity (Due 09/24/24)
- Modify API key rotation task to update permissions
- Consider adding AF's to case_respondents HOT 1
- Check logs Sprint 25.i Week 1 HOT 1
- Check logs Sprint 25.i Week 2 HOT 1
- Check logs Sprint 25.i Week 3
- Fix test efiling endpoint HOT 1
- Update NPA endpoints to return numbers and integers in the results set HOT 1
- Upgrade Node
- Create task to modify environment variables
- [Snyk:Medium] flask-cors Log Injection (Due 11/05/2024)
- [Snyk:High] upgrade Flyway (due on 09/05/2024)
- Upgrade python 3.11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openfec.