GHSA-pjwm-cr36-mwv3: ReDoS in giskard's transformation.py (GHSL-2024-324)

GHSA-j3vq-pmp5-r5xj: Missing ratelimit on passwrod resets in zenml

GHSA-j3px-q95c-9683: zlib-rs stack overflow during decompression with malicious input

GHSA-p2h2-3vg9-4p87: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

GHSA-hff8-hjwv-j9q7: Remote Code Execution on click of <a> Link in markdown preview

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

**HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack**

Moderate severity GitHub Reviewed Published Nov 16, 2023 to the GitHub Advisory Database • Updated Nov 16, 2023

Headline

GHSA-8r96-8889-qg2x: HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack

Related news

ghsa: Latest News