GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

GHSA-v7gv-xpgf-6395: Keycloak Build Process Exposes Sensitive Data

GHSA-5545-r4hg-rj4m: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

GHSA-qpgc-w4mg-6v92: MLflow's excessive directory permissions allow local privilege escalation

GHSA-3864-rp2m-2qfj: libre-chat Path Traversal vulnerability

A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

**m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657**

Moderate severity GitHub Reviewed Published Feb 5, 2024 to the GitHub Advisory Database • Updated Feb 5, 2024

Headline

GHSA-944j-8ch6-rf6x: m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657

ghsa: Latest News