GHSA-7p9f-6x8j-gxxp: CRI-O: Maliciously structured checkpoint file can gain arbitrary node access

GHSA-hh33-46q4-hwm2: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion

GHSA-rmv2-8jjc-23xw: TCPDF Local File Inclusion vulnerability

GHSA-w5rq-g9r6-vrcg: @dapperduckling/keycloak-connector-server has Reflected XSS Vulnerability in Authentication Flow URL Handling

GHSA-q4xm-6fjc-5f6w: sigstore-java has vulnerability with bundle verification

Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.

**Apache Geode vulnerable to Cross-Site Scripting**

Moderate severity GitHub Reviewed Published Oct 25, 2022 • Updated Oct 25, 2022

Headline

GHSA-373r-9mg8-3jc4: Apache Geode vulnerable to Cross-Site Scripting

Related news

ghsa: Latest News