Improper Restriction of Rendered UI Layers or Frames

Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...

Astro-Shield 安全漏洞

Astro-Shield is KindSpells Labs open source a library . It is used to calculate sub-resource integrity hashes for JS scripts and CSS stylesheets. Astro-Shield has a security vulnerability that stems from the CSP header generation feature allowing the listing of maliciously injected resources...

Creating Awareness of External JavaScript Libraries in Web Applications

Qualys Web Application Scanning WAS routinely reviews and solicits customer feedback regarding vulnerabilities. This may be to enhance the detection or the detections reporting. Previously, all JavaScript libraries detected on an application are reported under the Information Gathering QID 150176...