GHSA-hxf5-99xg-86hw: cap-std doesn't fully sandbox all the Windows device filenames

GHSA-c2f5-jxjv-2hh8: Wasmtime doesn't fully sandbox all the Windows device filenames

GHSA-4cf2-cxp3-rjr7: HAPI FHIR XML External Entity (XXE) vulnerability

GHSA-v2qh-f584-6hj8: @workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

GHSA-5wmg-9cvh-qw25: @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Previously, `MemBio::get_buf` called `slice::from_raw_parts` with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.


**openssl's \`MemBio::get\_buf\` has undefined behavior with empty buffers**

Moderate severity GitHub Reviewed Published Jul 22, 2024 to the GitHub Advisory Database • Updated Jul 22, 2024

Headline

GHSA-q445-7m23-qrmw: openssl's `MemBio::get_buf` has undefined behavior with empty buffers

ghsa: Latest News