GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

GHSA-vm62-9jw3-c8w3: Gogs has an argument Injection in the built-in SSH server

GHSA-9pp6-wq8c-3w2c: Gogs allows argument injection during the previewing of changes

GHSA-ccqv-43vm-4f3w: Gogs allows deletion of internal files

An issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver.

**Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device**

Moderate severity GitHub Reviewed Published Sep 20, 2023 to the GitHub Advisory Database • Updated Sep 21, 2023

Headline

GHSA-364c-vvqx-446c: Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device

ghsa: Latest News