GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

The package topthink/framework before version 6.0.12 is vulnerable to Deserialization of Untrusted Data due to insecure `unserialize` method in the `Driver` class.

**Deserialization of Untrusted Data in topthink/framework**

Critical severity GitHub Reviewed Published May 7, 2022 • Updated May 24, 2022

Headline

GHSA-3fpv-54ff-wqfj: Deserialization of Untrusted Data in topthink/framework

Related news

ghsa: Latest News