GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection

GHSA-8596-2jgr-ppj7: Amazon Redshift JDBC Driver vulnerable to SQL Injection

GHSA-xx95-62h6-h7v3: lgsl Stored Cross-Site Scripting vulnerability

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

Code Injection in GitHub repository builderio/qwik prior to 0.21.0. The Function deserializer can be accessed using the pureServerFunction feature. This allows any Javascript code to be run by node.js.

**builderio/qwik is vulnerable to code injection**

Critical severity GitHub Reviewed Published Mar 9, 2023 to the GitHub Advisory Database • Updated Mar 10, 2023

Headline

GHSA-9wf9-qvvp-2929: builderio/qwik is vulnerable to code injection

Related news

ghsa: Latest News