GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

GHSA-55v3-xh23-96gh: `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

GHSA-6q3q-6v5j-h6vg: Querydsl vulnerable to HQL injection trough orderBy

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.

**Echo vulnerable to directory traversal**

High severity GitHub Reviewed Published Dec 7, 2022 • Updated Dec 7, 2022

Headline

GHSA-j453-hm5x-c46w: Echo vulnerable to directory traversal

Related news

ghsa: Latest News