GHSA-7pq5-qcp6-mcww: CKAN has an XSS vector in user uploaded images in group/org and user profiles

GHSA-w3pj-wh35-fq8w: GeoTools Remote Code Execution (RCE) vulnerability in evaluating XPath expressions

GHSA-wc9m-r3v6-9p5h: Sparkle Signing Checks Bypass

GHSA-w7wm-2425-7p2h: MarbleRun unauthenticated recovery allows Coordinator impersonation

GHSA-mx2j-7cmv-353c: wasmvm: Malicious smart contract can slow down block production

In fuel/core versions pior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes.



**fuel/core Crypt encryption compromised.**

Moderate severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database • Updated May 15, 2024

Headline

GHSA-fgrx-4637-fcf5: fuel/core Crypt encryption compromised.

ghsa: Latest News