GHSA-vh5j-5fhq-9xwg: Taylor has race condition in /get-patch that allows purchase token replay

GHSA-jfj7-249r-7j2m: TabberNeue vulnerable to Stored XSS through wikitext

GHSA-m435-9v6r-v5f6: MobSF vulnerability allows SSRF due to the allow_redirects=True parameter

GHSA-fv92-fjc5-jj9h: mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

GHSA-277f-37gw-9gmq: raspap-webgui has a Directory Traversal vulnerability

An issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver.

**Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device**

Moderate severity GitHub Reviewed Published Sep 20, 2023 to the GitHub Advisory Database • Updated Sep 21, 2023

Headline

GHSA-364c-vvqx-446c: Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device

ghsa: Latest News