Pull requests: r0path/payroll-demo
Pull requests list
Fix insecure pickle deserialization and add authentication/authorization to adjust_salary endpoint.
#180
opened Jan 15, 2026 by
zeropath-ai-dev
bot
Fix insecure pickle deserialization and add authentication to adjust_salary endpoint to prevent remote code execution (RCE)
#179
opened Jan 15, 2026 by
zeropath-ai-dev
bot
Fix insecure deserialization and enforce authentication/authorization checks in adjust_salary endpoint.
#178
opened Jan 15, 2026 by
zeropath-ai-dev
bot
Fix insecure pickle deserialization and add authentication to adjust_salary endpoint to prevent remote code execution (RCE)
#177
opened Jan 15, 2026 by
zeropath-ai-dev
bot
Fix untrusted deserialization and remote code execution by disabling pickle.loads in load_data and adding authentication to adjust_salary endpoint.
#176
opened Jan 15, 2026 by
zeropath-ai-dev
bot
Handle specific JWT exceptions instead of bare except
#174
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Hash stored passwords in AuthService using PBKDF2 and verify securely
#173
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Prevent SQL injection in get_user by replacing string-concatenated query with AuthService lookup
#172
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Protect /api/payroll/adjust endpoint with authentication and admin check
#171
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Fix command injection in /login by removing os.system and ignoring cmd field
#170
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Disable Flask debug mode to prevent Werkzeug interactive debugger exposure
#169
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Disable Flask debug mode to prevent Werkzeug interactive debugger exposure
#168
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Enforce admin authorization in payroll salary adjustment
#167
opened Oct 21, 2025 by
zeropath-ai-dev
bot
Hash stored passwords and verify using PBKDF2-HMAC-SHA256 in AuthService
#162
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Use environment-provided SECRET_KEY instead of hardcoded value
#161
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Enforce admin authorization in payroll_service to prevent unauthorized salary adjustments
#160
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Enforce admin authorization in payroll salary adjustment
#159
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Hash passwords and verify using PBKDF2 to avoid plaintext storage
#158
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Enforce admin authorization and remove unsafe deserialization in payroll adjust
#157
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Fix: remove unsafe pickle deserialization of Authorization token in app2
#156
opened Sep 25, 2025 by
zeropath-ai-dev
bot
Restore admin authorization check in payroll salary adjustment
#155
opened Sep 25, 2025 by
zeropath-ai-dev
bot