severity - Code Search

src/main/java/org/codelibs/fess/crawler/serializer/DataSerializer.java

     * </p>
     */
    public DataSerializer() {
        kryoThreadLocal = ThreadLocal.withInitial(() -> {
            final Kryo kryo = new Kryo();
            // TODO use kryo.register for security
            // SECURITY WARNING: setRegistrationRequired(false) allows deserialization of arbitrary classes
            // which could potentially lead to remote code execution vulnerabilities.

Created: Sat Dec 20 09:19:18 GMT 2025

- Last Modified: Wed Nov 19 07:09:17 GMT 2025

- 6.5K bytes

- Click Count (3)

github.com/codelibs/jcifs

src/main/java/jcifs/smb1/smb1/SmbComSessionSetupAndX.java

        this.session = session;
        this.cred = cred;

        sessionKey = session.transport.sessionKey;
        capabilities = session.transport.capabilities;

        if (session.transport.server.security == SECURITY_USER) {
            if (cred instanceof final NtlmPasswordAuthentication auth) {
                if (auth == NtlmPasswordAuthentication.ANONYMOUS) {
                    lmHash = new byte[0];

Created: Sat Dec 20 13:44:44 GMT 2025

- Last Modified: Thu Aug 14 07:14:38 GMT 2025

- 7.1K bytes

- Click Count (0)

github.com/codelibs/jcifs

src/main/java/jcifs/pac/Pac.java

 */
package jcifs.pac;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.util.Map;

import javax.security.auth.kerberos.KerberosKey;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import jcifs.util.Hexdump;

/**

Created: Sat Dec 20 13:44:44 GMT 2025

- Last Modified: Sat Aug 16 01:32:48 GMT 2025

- 7.3K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/jvmTest/kotlin/okhttp3/internal/tls/CertificatePinnerChainValidationTest.kt

  ): SSLSocketFactory {
    // Test setup fails on JDK9
    // java.security.KeyStoreException: Certificate chain is not valid
    // at sun.security.pkcs12.PKCS12KeyStore.setKeyEntry
    // http://openjdk.java.net/jeps/229
    // http://hg.openjdk.java.net/jdk9/jdk9/jdk/file/2c1c21d11e58/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java#l596
    val keystoreType = if (platform.isJdk9()) "JKS" else null

Created: Fri Dec 26 11:42:13 GMT 2025

- Last Modified: Fri Jun 20 11:46:46 GMT 2025

- 24.3K bytes

- Click Count (2)

github.com/codelibs/fess

src/main/java/org/codelibs/fess/mylasta/direction/FessFwAssistantDirector.java

import org.lastaflute.core.direction.CachedFwAssistantDirector;
import org.lastaflute.core.direction.FwAssistDirection;
import org.lastaflute.core.direction.FwCoreDirection;
import org.lastaflute.core.security.InvertibleCryptographer;
import org.lastaflute.core.security.OneWayCryptographer;
import org.lastaflute.db.dbflute.classification.ListedClassificationProvider;
import org.lastaflute.db.direction.FwDbDirection;
import org.lastaflute.web.direction.FwWebDirection;

Created: Sat Dec 20 09:19:18 GMT 2025

- Last Modified: Thu Jul 17 08:28:31 GMT 2025

- 9.4K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/ru/docs/tutorial/security/index.md

# Настройка авторизации { #security }

Существует множество способов обеспечения безопасности, аутентификации и авторизации.

Обычно эта тема является достаточно сложной и трудной.

Во многих фреймворках и системах только работа с определением доступов к приложению и аутентификацией требует значительных затрат усилий и написания множества кода (во многих случаях его объём может составлять более 50% от всего написанного кода).

Created: Sun Dec 28 07:19:09 GMT 2025

- Last Modified: Thu Dec 11 21:25:03 GMT 2025

- 8.4K bytes

- Click Count (0)

github.com/codelibs/jcifs

src/main/java/jcifs/smb1/dcerpc/msrpc/lsarpc.java

import jcifs.smb1.dcerpc.rpc;
import jcifs.smb1.dcerpc.ndr.NdrBuffer;
import jcifs.smb1.dcerpc.ndr.NdrException;
import jcifs.smb1.dcerpc.ndr.NdrObject;
import jcifs.smb1.dcerpc.ndr.NdrSmall;

/**
 * LSA RPC (Local Security Authority Remote Procedure Call) definitions.
 * Provides interface definitions and data structures for LSA RPC operations.
 */
public class lsarpc {

    /**

Created: Sat Dec 20 13:44:44 GMT 2025

- Last Modified: Sat Aug 16 01:32:48 GMT 2025

- 42.5K bytes

- Click Count (0)

github.com/gradle/gradle

.github/dependabot.yml

# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
    labels:

Created: Wed Dec 31 11:36:14 GMT 2025

- Last Modified: Tue Oct 14 11:09:50 GMT 2025

- 1K bytes

- Click Count (0)

github.com/codelibs/jcifs

src/test/java/jcifs/internal/smb2/nego/Smb2NegotiateResponseTest.java

        // When
        int caps = response.getCommonCapabilities();

        // Then
        assertEquals(0x3F, caps);
    }

    @Test
    @DisplayName("Should return security blob")
    void testGetSecurityBlob() throws Exception {
        // Given
        byte[] blob = "SecurityBlob".getBytes();
        setPrivateField(response, "securityBuffer", blob);

        // When

Created: Sat Dec 20 13:44:44 GMT 2025

- Last Modified: Thu Aug 14 05:31:44 GMT 2025

- 32.5K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/ja/docs/tutorial/security/oauth2-jwt.md

レスポンスのトークンエンドポイントで使用するPydanticモデルを定義します。

新しいアクセストークンを生成するユーティリティ関数を作成します。

{* ../../docs_src/security/tutorial004.py hl[6,12:14,28:30,78:86] *}

## 依存関係の更新

`get_current_user`を更新して、先ほどと同じトークンを受け取るようにしますが、今回はJWTトークンを使用します。

受け取ったトークンを復号して検証し、現在のユーザーを返します。

トークンが無効な場合は、すぐにHTTPエラーを返します。

{* ../../docs_src/security/tutorial004.py hl[89:106] *}

## `/token` パスオペレーションの更新

トークンの有効期限を表す`timedelta`を作成します。

Created: Sun Dec 28 07:19:09 GMT 2025

- Last Modified: Sun Aug 31 10:49:48 GMT 2025

- 14K bytes

- Click Count (1)

Search Options