GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

GHSA-6r2x-8pq8-9489: Electron vulnerable to Heap Buffer Overflow in NativeImage

GHSA-v8fr-vxmw-6mf6: Mattermost Incorrect Authorization vulnerability

GHSA-wgvp-jj4w-88hf: Mattermost Incorrect Authorization vulnerability

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a `.ssh/authorized_keys` file.

**Croc sender may send dangerous new files to receiver**

Moderate severity GitHub Reviewed Published Sep 20, 2023 to the GitHub Advisory Database • Updated Sep 21, 2023

Headline

GHSA-ppjh-xp5v-46wc: Croc sender may send dangerous new files to receiver

ghsa: Latest News