GHSA-4cf2-cxp3-rjr7: HAPI FHIR XML External Entity (XXE) vulnerability

GHSA-v2qh-f584-6hj8: @workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

GHSA-5wmg-9cvh-qw25: @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

GHSA-8pmp-678w-c8xx: gitsign may use incorrect Rekor entries during verification

GHSA-wvv7-wm5v-w2gv: Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login.

**Use of Hard-coded Credentials in Nacos**

High severity GitHub Reviewed Published Jul 6, 2022 • Updated Jul 6, 2022

Headline

GHSA-2g86-r6w2-wqqr: Use of Hard-coded Credentials in Nacos

Related news

ghsa: Latest News