GHSA-9x4v-xfq5-m8x5: Better Auth URL parameter HTML Injection (Reflected Cross-Site scripting)

GHSA-mj4v-hp69-27x5: Plenti  - Code Injection - Denial of Services

GHSA-vqv5-385r-2hf8: Contrast's unauthenticated recovery allows Coordinator impersonation

GHSA-g6qq-c9f9-2772: Keycloak on Quarkus CLI option for encrypted JGroups ignored

GHSA-79f6-p65j-3m2m: MobSF Local Privilege Escalation

xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact.

**xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service**

Critical severity GitHub Reviewed Published Oct 7, 2022

Headline

GHSA-93m7-c69f-5cfj: xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service

ghsa: Latest News