GHSA-gppm-hq3p-h4rp: Git credentials are exposed in Atlantis logs

GHSA-gr3c-q7xf-47vh: XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

GHSA-8m24-3cfx-9fjw: sp1 has insufficient observation of cumulative sum

GHSA-j857-2pwm-jjmm: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

datadog/dd-trace versions 0.30.0 prior to 0.30.2 are affected by a security and stability issue outlined in PR [#579](https://github.com/DataDog/dd-trace-php/pull/579). This pull request ensures that the ddtrace.request_init_hook remains bound by the open_basedir INI directive, effectively addressing potential vulnerabilities related to open_basedir restrictions. 
The update introduces a sandboxing mechanism to isolate the request init hook from errors or exceptions during execution, enhancing the library's stability and preventing adverse impacts on the main script.

**datadog/dd-trace Circumvents open\_basedir INI directive**

Low severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database

Headline

GHSA-qvgg-r6rq-vwfx: datadog/dd-trace Circumvents open_basedir INI directive

ghsa: Latest News