GHSA-27wf-5967-98gx:  Kubernetes kubelet arbitrary command execution

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

### Impact
The existing URI path filters in OctoRPKI (version < 1.4.3) mitigating Path traversal vulnerability could be bypassed by an attacker. In case a malicious TAL file is parsed, it was possible to write files outside the base cache folder.

### Patches
The issue was fixed in version 1.4.3

### References
[CVE-2021-3907](https://www.cvedetails.com/cve/CVE-2021-3907/)



**Path traversal mitigation bypass in OctoRPKI**

High severity GitHub Reviewed Published Jun 25, 2022 in cloudflare/cfrpki

Headline

GHSA-3jhm-87m6-x959: Path traversal mitigation bypass in OctoRPKI

Impact

Patches

References

ghsa: Latest News