Critical and High Vulnerabilities in PrecisionFDA #13

Open
JNHQ opened this issue May 12, 2020 · 1 comment

JNHQ commented May 12, 2020

Hi - I'm writing from Ion Channel, a cybersecurity firm that monitors the software supply chain for U.S. critical infrastructure. In response to information on the escalating prevalence of software dependency attacks, and in an effort to preclude such an attack on a federal civilian agency infrastructure, we are reaching out to the development teams of publicly released federal software projects that have critical and high severity vulnerabilities, to make them aware of these findings and to encourage immediate remediation.

In the case of PrecisionFDA, there are two high and two critical vulnerabilities in the project. A screenshot is attached. For detailed findings, or to coordinate further, e-mail [email protected]. This is not a sales pitch - all findings will be delivered as open data.

PrecisionFDA Screen Shot.pdf

gretchunkim commented Jan 26, 2021

@JNHQ Have you heard anything back from the Dev team? Also, have you compared the data against another detection system that you are unaffiliated with?

There's no additional data/insight provided with regard to what these critical and high vulnerabilities in the attached screenshot are. Feel free to post as needed.
