GHSA-vm62-9jw3-c8w3: Gogs has an argument Injection in the built-in SSH server

GHSA-9pp6-wq8c-3w2c: Gogs allows argument injection during the previewing of changes

GHSA-ccqv-43vm-4f3w: Gogs allows deletion of internal files

GHSA-m27m-h5gj-wwmg: Gogs allows argument Injection when tagging new releases

GHSA-wrw7-89jp-8q8g: Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter`

CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function `isFileOutsideDir` fails to sanitize the user input which may lead to path traversal.

**Path traversal in CureKit**

High severity GitHub Reviewed Published Jun 1, 2022 • Updated Jun 3, 2022

Headline

GHSA-m9vj-44f3-78xw: Path traversal in CureKit

Related news

ghsa: Latest News