GHSA-gppm-hq3p-h4rp: Git credentials are exposed in Atlantis logs

GHSA-gr3c-q7xf-47vh: XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

GHSA-8m24-3cfx-9fjw: sp1 has insufficient observation of cumulative sum

GHSA-j857-2pwm-jjmm: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the `namespaces()` function (which invokes `XmlNode::get_local_namespaces()`) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution.

**libxmljs vulnerable to type confusion when parsing specially crafted XML**

High severity GitHub Reviewed Published May 2, 2024 to the GitHub Advisory Database • Updated May 3, 2024

Headline

GHSA-78h3-pg4x-j8cv: libxmljs vulnerable to type confusion when parsing specially crafted XML

ghsa: Latest News