Sharang Parnerkar (sharang)
Joined on 2026-02-06
sharang opened issue sharang/compliance-scanner-agent#57 2026-03-30 13:28:52 +00:00
JWT audience validation disabled — cross-app token reuse
sharang opened issue sharang/compliance-scanner-agent#56 2026-03-30 13:28:02 +00:00
Webhook auth bypass when webhook_secret is None
sharang pushed tag v0.2.0 to sharang/compliance-scanner-agent 2026-03-30 13:19:21 +00:00
sharang pushed to main at sharang/compliance-scanner-agent 2026-03-30 13:10:58 +00:00
23cf37b6c3 fix: CVE notifications during scan + help chat doc loading + Dockerfile (#55)
sharang merged pull request sharang/compliance-scanner-agent#55 2026-03-30 13:10:56 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile
sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[high] Path Traversal via HELP_DOCS_PATH Environment Variable

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[high] Insecure Direct Object Reference in Documentation Loading

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Potential Command Injection via User-Controlled Repository Name

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Potential panic from unwrap_or_default() in notification creation

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

Compliance scan found 28 issue(s) in this PR:

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[high] Potential XSS via Copy Button

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Inconsistent error handling in doc_context function

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Complex boolean expression in notification creation logic

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Inconsistent error handling in notification creation loop

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Complex nested control flow in doc_context function

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Complex boolean expression in conditional rendering

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Complex boolean expression in conditional rendering

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[medium] Potential race condition in SSH public key display

sharang commented on pull request sharang/compliance-scanner-agent#55 2026-03-30 13:04:09 +00:00
fix: CVE notifications during scan + help chat doc loading + Dockerfile

[high] Incorrect fallback logic in doc_context() when walking up from binary location