GHSA-w69q-w4h4-2fx8: Reverb use after free vulnerability

GHSA-4xx7-2cx3-x473: Keycloak SAML signature validation flaw

GHSA-vvf8-2h68-9475: Keycloak Open Redirect vulnerability

GHSA-84jw-g43v-8gjm: DOM Clobbering Gadget found in Rspack's AutoPublicPathRuntimeModule that leads to XSS

GHSA-jj94-6f5c-65r8: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

**Ansible symlink attack vulnerability**

Moderate severity GitHub Reviewed Published Dec 28, 2023 to the GitHub Advisory Database • Updated Dec 29, 2023

Headline

GHSA-jpvw-p8pr-9g2x: Ansible symlink attack vulnerability

Related news

ghsa: Latest News