GHSA-2r6g-7r83-jg72: `spam` project on PyPI compromised, malicious releases made

GHSA-qr4w-53vh-m672: opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863

GHSA-cxjf-x6jp-p7mc: opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863

GHSA-jh2j-j4j9-crg3: opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863

GHSA-w2pj-9cgh-mq2c: opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863

A Server-Side Template Injection (SSTI) vulnerability in the edit theme function of openCart project v4.0.2.3 allows attackers to execute arbitrary code via injecting a crafted payload.

**openCart Server-Side Template Injection (SSTI) vulnerability**

High severity GitHub Reviewed Published Jul 17, 2024 to the GitHub Advisory Database • Updated Jul 17, 2024

Headline

GHSA-xrh7-2gfq-4rcq: openCart Server-Side Template Injection (SSTI) vulnerability

ghsa: Latest News