GHSA-c9p4-xwr9-rfhx: Zot IdP group membership revocation ignored

GHSA-cg87-wmx4-v546: KaTeX \htmlData does not validate attribute names

GHSA-v4mq-x674-ff73: AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider

GHSA-fcr8-4r9f-r66m: nbgrader's `frame-ancestors: self` grants all users access to formgrader

GHSA-8vq4-8hfp-29xh: Eugeny Tabby Sends Password Despite Host Key Verification Failure

An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the `mutIn` and `mutInManyUnsafe` components.

**@thi.ng/paths Prototype Pollution vulnerability**

High severity GitHub Reviewed Published Mar 25, 2024 to the GitHub Advisory Database • Updated Mar 25, 2024

Headline

GHSA-8ppr-www8-hfjx: @thi.ng/paths Prototype Pollution vulnerability

ghsa: Latest News