GHSA-gppm-hq3p-h4rp: Git credentials are exposed in Atlantis logs

GHSA-gr3c-q7xf-47vh: XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

GHSA-8m24-3cfx-9fjw: sp1 has insufficient observation of cumulative sum

GHSA-j857-2pwm-jjmm: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

amphp/http versions before 1.0.1 allows an attacker to supply invalid input in the Host header which may lead to various type of Host header injection attacks.

**amphp/http Host Header Injection vulnerability**

Moderate severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database • Updated May 15, 2024

Headline

GHSA-8v5x-6vv5-jv4g: amphp/http Host Header Injection vulnerability

ghsa: Latest News