GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

GHSA-v7gv-xpgf-6395: Keycloak Build Process Exposes Sensitive Data

GHSA-5545-r4hg-rj4m: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

GHSA-qpgc-w4mg-6v92: MLflow's excessive directory permissions allow local privilege escalation

GHSA-3864-rp2m-2qfj: libre-chat Path Traversal vulnerability

All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash.

**Note:**
By providing some specific integer values (like 0) to the size function, it is possible to obtain a Segmentation fault error, leading to the process crash.

**images vulnerable to Denial of Service**

High severity GitHub Reviewed Published Jul 10, 2024 to the GitHub Advisory Database • Updated Jul 10, 2024

Headline

GHSA-vjpv-x8p9-7p85: images vulnerable to Denial of Service

ghsa: Latest News