Comments (3)
Any feedback on this? Thanks.
from redoc.
Yes. We will take a look.
This vulnerability does not impact our docker container as this system function is not used by our code.
from redoc.
The response I got from a security advisor is:
It is clear that once someone takeover the container, Person can call the method and exploited the vulnerability even during code normal flow it won't get executed. Hence, vulnerabilities exist and exploitable"
from redoc.
Related Issues (20)
- add sortOperationsAlphabetically config, html show error
- Accessibility: Query parameters as list for beter readability
- Accessibility: The label 'Example' is not associated with the input element
- Accessibility: No keyboard accessibility to open menu when zooming in
- When opening an HTML file built with the Redocly command in a browser that contains an anchor, the sidebar does not expand and automatically positions to that anchor. HOT 3
- Accessibility: Visibility of chain symbol
- Required properties in 3.1.0 spec not working when used as sibling
- Security vulnerability in old version of lodash HOT 3
- Kritsana
- 2.1.4 isn't available on cdn.redoc.ly HOT 2
- How to search for Chinese in redoc-static.html? HOT 2
- React warning on standard out when generating HTML documentation HOT 1
- The v2.1.4 defines jest-environment-jsdom as prod dependency HOT 1
- Display conditional application of subschemas through the use of dependentRequired
- Redocly website blocks access to API documentation HOT 1
- This search cannot be used properly HOT 1
- Redocly mangles some property names HOT 3
- The field "Upload File" doesn´t show HOT 2
- minLength/maxLength not shown for array items with pattern
- Disable "Response samples" section HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from redoc.