-
-
Notifications
You must be signed in to change notification settings - Fork 188
Security: diced/zipline
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
No Ownership Check on /api/user/files/transactionGHSA-26wv-mhc3-5xfq published
Aug 8, 2025 by dicedLow -
Filenames are predictable with 5 known consecutive gfycat-style filenamesGHSA-6rg9-q9ww-w2rw published
Mar 19, 2025 by dicedModerate -
XSS on loginGHSA-m288-p6wr-m6gv published
Jan 31, 2025 by dicedHigh -
Arbitrary file read trough path traversal in user exporterGHSA-v38v-92cm-6mx8 published
Sep 12, 2024 by dicedHigh -
Common misconfig allowing registration without an invite when invites are enabledGHSA-j2cw-9fvc-wr4r published
Mar 5, 2024 by dicedHigh