GHSA-vh5j-5fhq-9xwg: Taylor has race condition in /get-patch that allows purchase token replay

GHSA-jfj7-249r-7j2m: TabberNeue vulnerable to Stored XSS through wikitext

GHSA-m435-9v6r-v5f6: MobSF vulnerability allows SSRF due to the allow_redirects=True parameter

GHSA-fv92-fjc5-jj9h: mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

GHSA-277f-37gw-9gmq: raspap-webgui has a Directory Traversal vulnerability

The html package (aka x/net/html) through 2018-09-25 in Go mishandles `<table><math><select><mi><select></table>`, leading to an infinite loop during an `html.Parse` call because `inSelectIM` and `inSelectInTableIM` do not comply with a specification.

**x/net/html Vulnerable to DoS During HTML Parsing**

High severity GitHub Reviewed Published Sep 25, 2023 to the GitHub Advisory Database • Updated Sep 25, 2023

Headline

GHSA-vfw5-hrgq-h5wf: x/net/html Vulnerable to DoS During HTML Parsing

ghsa: Latest News