GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

GHSA-v7gv-xpgf-6395: Keycloak Build Process Exposes Sensitive Data

GHSA-5545-r4hg-rj4m: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

GHSA-qpgc-w4mg-6v92: MLflow's excessive directory permissions allow local privilege escalation

GHSA-3864-rp2m-2qfj: libre-chat Path Traversal vulnerability

The exotel project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time

**\`exotel\` project on PyPI compromised, malicious release made**

High severity GitHub Reviewed Published Aug 30, 2024 to the GitHub Advisory Database • Updated Aug 30, 2024

Headline

GHSA-x6xg-3fj2-4pq3: `exotel` project on PyPI compromised, malicious release made

ghsa: Latest News