GHSA-hxf5-99xg-86hw: cap-std doesn't fully sandbox all the Windows device filenames

GHSA-c2f5-jxjv-2hh8: Wasmtime doesn't fully sandbox all the Windows device filenames

GHSA-4cf2-cxp3-rjr7: HAPI FHIR XML External Entity (XXE) vulnerability

GHSA-v2qh-f584-6hj8: @workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

GHSA-5wmg-9cvh-qw25: @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

**Package**

gomod github.com/whyrusleeping/tar-utils (Go)

**Affected versions**

< 0.0.0-20201201191210-20a61371de5b

**Patched versions**

0.0.0-20201201191210-20a61371de5b

Headline

GHSA-jpf8-h7h7-3ppm: tar-utils Path Traversal vulnerability

Related news

ghsa: Latest News