GHSA-27wf-5967-98gx:  Kubernetes kubelet arbitrary command execution

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data.


**Typo3 Security Misconfiguration in Frontend Session Handling**

Moderate severity GitHub Reviewed Published Jun 5, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024

Headline

GHSA-qr5f-6fcv-w69q: Typo3 Security Misconfiguration in Frontend Session Handling

ghsa: Latest News