Security
Headlines

Headlines Latest CVEs

Headline

GHSA-7488-6x3r-23w5: Path Traversal in ganga

The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

2 years ago

Path Traversal in ganga

Moderate severity GitHub Reviewed Published Jul 13, 2022 • Updated Jul 13, 2022

Related news

CVE-2022-31507: # Absolute Path Traversal due to incorrect use of `send_file` call (#… · ganga-devs/ganga@730e7ab

The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

2 years ago

#vulnerability #web #git #auth

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution

1 day ago

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

1 day ago

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

1 day ago

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

1 day ago

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

1 day ago