GHSA-9h9q-qhxg-89xr: Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

GHSA-h4h5-9833-v2p4: Rancher agents can be hijacked by taking over the Rancher Server URL

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal 

webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader.

**Code injection in webmagic-core**

High severity GitHub Reviewed Published Jul 28, 2023 to the GitHub Advisory Database • Updated Jul 28, 2023

Headline

GHSA-grvq-vjqr-x8vm: Code injection in webmagic-core

Related news

ghsa: Latest News