GHSA-f8x4-f32r-w556: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

GHSA-cx95-q6gx-w4qp: SAK-50571 Sakai Kernel users created with type roleview can login as a normal user

GHSA-pf5v-pqfv-x8jj: OpenCanary Executes Commands From Potentially Writable Config File

GHSA-qh8g-58pp-2wxh: Eclipse Jetty URI parsing of invalid authority

GHSA-g8m5-722r-8whq: Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the 'eventName' function within the VCalendar component.

**Vuetify Cross-site Scripting vulnerability**

Moderate severity GitHub Reviewed Published Sep 19, 2022 • Updated Sep 21, 2022

Headline

GHSA-q4q5-c5cv-2p68: Vuetify Cross-site Scripting vulnerability

Related news

ghsa: Latest News