GHSA-g5vw-3h65-2q3v: Access control vulnerable to user data deletion by anonynmous users

GHSA-3hxg-fxwm-8gf7: CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes 

GHSA-82j3-hf72-7x93: Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`)

GHSA-29wx-vh33-7x7r: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations

GHSA-7vm6-qwh5-9x44: loona-hpack Panic Vulnerability

php-heic-to-jpg <= 1.0.5 is vulnerable to remote code execution. An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below.

**Remote code execution in php-heic-to-jpg**

High severity GitHub Reviewed Published Oct 24, 2024 to the GitHub Advisory Database • Updated Oct 24, 2024

Headline

GHSA-g8v9-c8m3-942v: Remote code execution in php-heic-to-jpg

ghsa: Latest News