GHSA-qg5g-gv98-5ffh: rustls network-reachable panic in `Acceptor::accept`

GHSA-rjjv-87mx-6x3h: @sveltejs/kit vulnerable to on dev mode 404 page

GHSA-mh2x-fcqh-fmqv: @sveltejs/kit has unescaped error message included on error page

GHSA-5xr6-xhww-33m4: Artifact poisoning vulnerability in action-download-artifact v5 and earlier

GHSA-7f6p-phw2-8253: Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws

gratient is a user-facing library for generating color gradients of text.
Version 0.5 contained obfuscated, malicious code targeting
Windows platforms, harvesting information and credentials from the
user's system and sending them to a remote server.
Services may include Mullvad VPN and Telegram.


**gratient 0.5 contains credential harvesting code**

High severity GitHub Reviewed Published Aug 30, 2024 to the GitHub Advisory Database • Updated Aug 30, 2024

Headline

GHSA-xm4r-5rj9-2pg3: gratient 0.5 contains credential harvesting code

ghsa: Latest News