GHSA-g85v-wf27-67xc: Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`

GHSA-8495-4g3g-x7pr: aiohttp allows request smuggling due to incorrect parsing of chunk extensions

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list.

**SQL Injection in Funadmin**

Critical severity GitHub Reviewed Published Mar 8, 2023 to the GitHub Advisory Database • Updated Mar 14, 2023