GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission

GHSA-jjxq-ff2g-95vh: Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled

GHSA-6377-hfv9-hqf6: Twig has unguarded calls to `__toString()` when nesting an object into an array

GHSA-hv6m-qj65-26q3: UnoPim Cross-site Scripting vulnerability

GHSA-rhm9-gp5p-5248: Gradio vulnerable to arbitrary file read with File and UploadButton components

Exposure of Remote Code Execution in Apache Dolphinscheduler.

This issue affects Apache DolphinScheduler: before 3.2.2. 

We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

**Apache Dolphinscheduler Code Injection vulnerability**

Critical severity GitHub Reviewed Published Aug 20, 2024 to the GitHub Advisory Database • Updated Aug 20, 2024

Headline

GHSA-2fm6-mv57-p2qh: Apache Dolphinscheduler Code Injection vulnerability

ghsa: Latest News