GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. Exported methods are stored in the application.remote object.

**Privilege Issues in jailed**

High severity GitHub Reviewed Published May 3, 2022 • Updated May 23, 2022

Headline

GHSA-77m7-9wvw-87fx: Privilege Issues in jailed

ghsa: Latest News