GHSA-8pmp-678w-c8xx: gitsign may use incorrect Rekor entries during verification

GHSA-wvv7-wm5v-w2gv: Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE

GHSA-cc6x-8cc7-9953: OctoPrint has API key access in settings without reauthentication

GHSA-xvxq-g8hw-fx4g: OctoPrint Vulnerable to Reflected XSS in Jinja2 Templates

GHSA-g5vw-3h65-2q3v: Access control vulnerable to user data deletion by anonynmous users

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor() component.

**Nacos Spring vulnerable to Unsafe Deserialization**

Moderate severity GitHub Reviewed Published Aug 21, 2023 to the GitHub Advisory Database • Updated Aug 21, 2023

Headline

GHSA-v6c8-pwhq-288m: Nacos Spring vulnerable to Unsafe Deserialization

Related news

ghsa: Latest News