GHSA-6gf2-ffq8-gcww: GHSL-2024-288: SickChill open redirect in login

GHSA-j3f9-p6hm-5w6q: Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale

GHSA-cjgq-5qmw-rcj6: keras Path Traversal vulnerability

GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

Affected versions of the crate have several bugs where attacker-controlled input can result in the use of an out-of-bound array index.  Rust detects the use of the out-of-bound index and causes the application to panic.  An attacker may be able to use this to cause a denial-of-service.  However, it is not possible for an attacker to read from or write to the application's address space.



**sequoia-openpgp vulnerable to out-of-bounds array access leading to panic**

Low severity GitHub Reviewed Published Jun 6, 2023 to the GitHub Advisory Database • Updated Jun 6, 2023

Headline

GHSA-25mx-8f3v-8wh7: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic

ghsa: Latest News