GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

GHSA-gjcc-jvgw-wvwj: Litestar allows unbounded resource consumption (DoS vulnerability) 

GHSA-r4pg-vg54-wxx4: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs

GHSA-9c5p-35gj-jqp4: Rancher Helm Applications may have sensitive values leaked

GHSA-ffp2-8p2h-4m5j: Password Pusher rate limiter can be bypassed by forging proxy headers

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1.

**memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta**

Moderate severity GitHub Reviewed Published Aug 5, 2024 to the GitHub Advisory Database

Headline

GHSA-6fcf-g3mp-xj2x: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta

ghsa: Latest News