GHSA-7p9f-6x8j-gxxp: CRI-O: Maliciously structured checkpoint file can gain arbitrary node access

GHSA-hh33-46q4-hwm2: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion

Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.

**Cross-site Scripting in Ghost**

Moderate severity GitHub Reviewed Published Jan 21, 2024 to the GitHub Advisory Database • Updated Jan 22, 2024