GHSA-9722-9j67-vjcr: Improper Authorization in Select Permissions

GHSA-qjrv-v6qp-x99x: SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

GHSA-f3cx-396f-7jqp: Livewire Remote Code Execution on File Uploads

GHSA-ffcv-v6pw-qhrp: Denial of Service in TYPO3 Bookmark Toolbar

GHSA-9cp9-8gw2-8v7m: Adguard Home arbitrary file read vulnerability

Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.

**MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution**

High severity GitHub Reviewed Published Feb 24, 2024 to the GitHub Advisory Database • Updated Feb 27, 2024

Headline

GHSA-3v79-q7ph-j75h: MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution

ghsa: Latest News