GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.

**CSV-Safe improperly filters special characters potentially leading to CSV injection**

Critical severity GitHub Reviewed Published May 3, 2022 • Updated May 18, 2022

Headline

GHSA-f55g-x8qq-2569: CSV-Safe improperly filters special characters potentially leading to CSV injection

ghsa: Latest News