GHSA-8pmp-678w-c8xx: gitsign may use incorrect Rekor entries during verification

GHSA-wvv7-wm5v-w2gv: Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE

An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.

**Path traversal in Archive**

Moderate severity GitHub Reviewed Published Aug 31, 2023 to the GitHub Advisory Database • Updated Aug 31, 2023