GHSA-pjwm-cr36-mwv3: ReDoS in giskard's transformation.py (GHSL-2024-324)

GHSA-j3vq-pmp5-r5xj: Missing ratelimit on passwrod resets in zenml

GHSA-j3px-q95c-9683: zlib-rs stack overflow during decompression with malicious input

GHSA-p2h2-3vg9-4p87: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

GHSA-hff8-hjwv-j9q7: Remote Code Execution on click of <a> Link in markdown preview

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types.




**Hard-coded credentials in org.folio:mod-remote-storage**

Moderate severity GitHub Reviewed Published Jan 19, 2024 to the GitHub Advisory Database • Updated Jan 23, 2024

Headline

GHSA-hv5g-q4h3-64q4: Hard-coded credentials in org.folio:mod-remote-storage

ghsa: Latest News