Commits : Listings
Analyzed
12 months
ago.
based on code collected
almost 1 year
ago.
|
Jan 16, 2023
—
Jan 16, 2024
|
||||||
| Commit Message | Contributor | Files Modified | Lines Added | Lines Removed | Code Location | Date |
|---|---|---|---|---|---|---|
| Use ConcurrentHashMap when serializing tags. |
|
More... | over 1 year ago | |||
| Test for null, avoid NPE |
|
More... | over 1 year ago | |||
| Trigger callback chain when reached limit. (#2204) |
|
More... | almost 2 years ago | |||
| Improved fix for #2261. Regular expressions wouldn't catch the newlines or possibly other control characters. Now we'll use the TAG validation code to make sure the inputs are only plain ASCII printables first. Fixes CVE-2018-12972, CVE-2020-35476 |
|
More... | almost 2 years ago | |||
| Fix for #2269 and #2267 XSS vulnerability. Escaping the user supplied input when outputing the HTML for the old BadRequest HTML handlers should help. Thanks to the reporters. Fixes CVE-2018-13003. |
|
More... | almost 2 years ago | |||
| Tighten up the regexes for Gnuplot URI params per multiple security reports. The best way of avoiding RCEs is to disable Gnuplot, but this should help a little. |
|
More... | almost 2 years ago | |||
