GHSA-8g98-m4j9-qww5: Taylored webhook validation vulnerabilities

GHSA-48p4-8xcf-vxj5: urllib3 does not control redirects in browsers and Node.js

GHSA-pq67-6m6q-mj2v: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation

GHSA-px2c-r924-mwcc: Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates

GHSA-2hw3-h8qx-hqqp: OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer

All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.

**easy-static-server vulnerable to Directory Traversal**

High severity GitHub Reviewed Published Dec 20, 2022 • Updated Dec 20, 2022

Headline

GHSA-wcwm-c3mr-pxcr: easy-static-server vulnerable to Directory Traversal

Related news

ghsa: Latest News