Params of Lien struct are not emitted when lien is created making it difficult to track

Lines of code Vulnerability details Impact Protocol does not store any information about Lien. When users want to interact, they have to send the whole Lien struct along with lienId, and the protocol will verify if this data is correct by hash. This approach reduces onchain storage and can save a...

OESA-2022-2039 curl security update

CURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability was found in curl. The issue occurs when doing HTTPS transfers, where curl might erroneously use the read callback...

Dropbox: CSV Injection with the CVS export feature

The report mentions a well known problem with any CSV export function. If the exported data has an Excel formula, the user will be warned and if the user clicks through a warning they might get some code execution. At the same time, fixing this bug means that the CSV data is no longer correct and...