GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

GHSA-2r2v-9pf8-6342: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

GHSA-r5vf-wf4h-82gg: matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity

GHSA-f27p-cmv8-xhm6: fetch: Authorization headers not dropped when redirecting cross-origin

GHSA-2p95-8xvm-2pjx: REDAXO CMS Cross-site Scripting vulnerability

### Impact
It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks

### Workarounds
No


**vantage6 vulnerable to username timing attack**

Low severity GitHub Reviewed Published Jan 30, 2024 in vantage6/vantage6 • Updated Jan 30, 2024

Headline

GHSA-45gq-q4xh-cp53: vantage6 vulnerable to username timing attack

Impact

Workarounds

ghsa: Latest News