GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext

GHSA-prmv-7r8c-794g: Citizen vulnerable to Stored XSS through short descriptions

GHSA-67rr-84xm-4c7r: Next.JS vulnerability can lead to DoS via cache poisoning 

GHSA-r2fc-ccr8-96c4: Next.js has a Cache poisoning vulnerability due to omission of the Vary header

GHSA-rq6g-6g94-jfr4: starcitizentools/citizen-skin is vulnerable to Stored XSS attack in the legacy search bar through page descriptions

Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"

**Directory Traversal in onnx**

High severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 27, 2023

Headline

GHSA-ffxj-547x-5j7c: Directory Traversal in onnx

ghsa: Latest News