GHSA-g5vw-3h65-2q3v: Access control vulnerable to user data deletion by anonynmous users

GHSA-3hxg-fxwm-8gf7: CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes 

GHSA-82j3-hf72-7x93: Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`)

GHSA-29wx-vh33-7x7r: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations

GHSA-7vm6-qwh5-9x44: loona-hpack Panic Vulnerability

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.

**python-jose algorithm confusion with OpenSSH ECDSA keys**

High severity GitHub Reviewed Published Apr 26, 2024 to the GitHub Advisory Database • Updated Apr 26, 2024

Headline

GHSA-6c5p-j8vq-pqhj: python-jose algorithm confusion with OpenSSH ECDSA keys

Related news

ghsa: Latest News