Dapr june 2023 fuzzing audit report
happens, OSS-Fuzz will notify the Dapr team with a stacktrace and a reproducer testcase. # Title Mitigation 1 Index out of range in raft log reading Fixed 2 Malicious raw key triggers out of range panic log reading OSS-Fuzz bug tracker: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58799 Mitigation: Fixed in https://github.com/dapr/dapr/pull/6343 ID: ADA-DAP-FUZZ-1 Description A fuzzer found standard library OSS-Fuzz bug tracker: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58954 Mitigation: Fixed in: https://github.com/golang/go/issues/60411#event-9334104392 ID: ADA-DAP-FUZZ-2 Description
0 points | 19 pages | 690.59 KB | 1 year ago
Dapr july 2020 security audit report
will be discussed in a chronological order alongside technical descriptions, as well as PoC and mitigation advice when applicable. Since most issues are reflective of a custom configuration and of the GetSecretRequest struct before nesting it into the HTTP path. A full description of this mitigation is described in issues DAP-01-003 and DAP-01-007. Cure53, Berlin · 07/01/20
0 points | 19 pages | 267.84 KB | 1 year ago
Dapr september 2023 security audit report
Threat model included in report SLSA compliance review included in report Supply-chain threat mitigation advice included in report Project Summary The auditors of Ada Logics were: Name Title Email 5 archived or deprecated libraries in its direct dependency tree. They are: # Issue Dependency Mitigation 1 Archived github.com/gorilla/mux Has been un-archived after completion of audit. No change in
0 points | 47 pages | 1.05 MB | 1 year ago
3 results in total