GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection

GHSA-8596-2jgr-ppj7: Amazon Redshift JDBC Driver vulnerable to SQL Injection

GHSA-xx95-62h6-h7v3: lgsl Stored Cross-Site Scripting vulnerability

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty.

**plotly.js prototype pollution vulnerability**

Critical severity GitHub Reviewed Published Jan 3, 2024 to the GitHub Advisory Database • Updated Jan 3, 2024

Headline

GHSA-wjc4-73q6-gv3m: plotly.js prototype pollution vulnerability

ghsa: Latest News