GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

GHSA-6r2x-8pq8-9489: Electron vulnerable to Heap Buffer Overflow in NativeImage

GHSA-v8fr-vxmw-6mf6: Mattermost Incorrect Authorization vulnerability

GHSA-wgvp-jj4w-88hf: Mattermost Incorrect Authorization vulnerability

`Out::from_raw` in affected versions allows writing a value to invalid memory address without requiring `unsafe`.

The soundness issue has been addressed by making `Out::from_raw` an unsafe function.


**\`out\_reference::Out::from\_raw\` should be \`unsafe\`**

Moderate severity GitHub Reviewed Published Mar 13, 2023 to the GitHub Advisory Database • Updated Mar 13, 2023

Headline

GHSA-p7mj-xvxg-grff: `out_reference::Out::from_raw` should be `unsafe`

ghsa: Latest News