GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

The request rate limiting feature on the login page of AzuraCast before version 0.18.3 can be bypassed, which could allow an attacker to brute force login credentials.

**AzuraCast missing brute force prevention**

Moderate severity GitHub Reviewed Published May 5, 2023 to the GitHub Advisory Database • Updated May 5, 2023

Headline

GHSA-4m7v-wr6v-2mw5: AzuraCast missing brute force prevention

Related news

ghsa: Latest News