Erin Rasmussen activity

Erin Rasmussen commented on issue #593156 at GitLab.org / GitLab

2026-03-17T21:55:45Z

thank you!

Erin Rasmussen commented on issue #593156 at GitLab.org / GitLab

2026-03-17T19:30:28Z

Does disabling the dependency_paths feature flag affect the ability to detect transitive dependencies? With that flag disabled with the customer still be able to detect vulnerabilites that are 2 or 3 layers deep? It's a little unclear to them whether changing the dependency_paths feature flag will decrease the effectiveness of the security scanning (which would then introduce a risk that needs to be approved by their management).

Erin Rasmussen pushed to project branch main at gl-demo-ultimate-erasmussen / Demo Co / development / applications / Swag Shop

2026-03-17T02:25:10Z

Erin Rasmussen (ea8da3e4) at 17 Mar 02:25

Update .gitlab-ci.yml file to enable Advanced SAST

Erin Rasmussen commented on merge request !53 at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T22:05:29Z

unmarked it as draft

Erin Rasmussen closed merge request !56: Resolve "VULN-63: World-writable file permissions (chmod 777) in container" at gl-demo-ultimate-rfrench / Jay Lab 20...

2026-03-16T22:03:59Z

Closes #223

Erin Rasmussen approved merge request !56: Resolve "VULN-63: World-writable file permissions (chmod 777) in container" at gl-demo-ultimate-rfrench / Jay Lab ...

2026-03-16T22:03:55Z

Closes #223

Erin Rasmussen deleted project branch emrasmussen-main-patch-1fd5 at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T22:03:10Z

Erin Rasmussen (16dba8bf) at 16 Mar 22:03

Erin Rasmussen closed issue #227: VULN-67: Credentials written to world-readable log file at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T22:03:09Z

File: cli.py — show_logs() function Category: Sensitive Data Exposure

Description

The logs command writes database credentials, API keys, and full user records (including passwords and credit cards) to /tmp/flask_app_debug.log with permissions 0o666 (world-readable and world-writable). Any user on the system can read these secrets.

Remediation Hint

Never write credentials to log files
If logging is necessary, use restrictive permissions (e.g., 0o600)
Redact sensitive fields before logging
Use a proper logging framework with secret filtering

Erin Rasmussen pushed to project branch main at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T22:03:07Z

Erin Rasmussen (1cae0e76) at 16 Mar 22:03

Merge branch 'emrasmussen-main-patch-1fd5' into 'main'

... and 1 more commit

Erin Rasmussen accepted merge request !57: change the permissiond and don't write password to and api key to log file at gl-demo-ultimate-rfrench / Jay Lab 2...

2026-03-16T22:03:07Z

Updated the permissions on the file and also commented the writes of sensitive information to the log file

closes #227

Erin Rasmussen approved merge request !57: change the permissiond and don't write password to and api key to log file at gl-demo-ultimate-rfrench / Jay Lab 2...

2026-03-16T22:03:00Z

Updated the permissions on the file and also commented the writes of sensitive information to the log file

closes #227

Erin Rasmussen opened merge request !57: change the permissiond and don't write password to and api key to log file at gl-demo-ultimate-rfrench / Jay Lab 202...

2026-03-16T22:01:21Z

Updated the permissions on the file and also commented the writes of sensitive information to the log file

closes #227

Erin Rasmussen pushed new project branch emrasmussen-main-patch-1fd5 at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T22:00:23Z

Erin Rasmussen (16dba8bf) at 16 Mar 22:00

change thee permissiond and don't write password to and api key to ...

Erin Rasmussen pushed new project branch 227-vuln-67-credentials-written-to-world-readable-log-file at gl-demo-ultimate-rfrench / Jay Lab 2025 / jaylab.link

2026-03-16T21:51:40Z

Erin Rasmussen (cbfb3182) at 16 Mar 21:51