GHSA-wv8j-m3hx-924j: Arrow2 allows out of bounds access in public safe API

GHSA-v75g-77vf-6jjq: Para Server Logs Sensitive Information

GHSA-g9f5-x53j-h563: Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server

GHSA-8cgx-9ccj-3gwr: Mattermost fails to clear Google OAuth credentials

GHSA-86jg-35xj-3vv5: Mattermost fails to properly enforce access control restrictions for System Manager roles

If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists. This issue is fixed in version 1.8.3.

**OctoPrint vulnerable to Insufficient Session Expiration.**

Moderate severity GitHub Reviewed Published Sep 22, 2022 • Updated Sep 23, 2022

Headline

GHSA-937f-qh3w-6g87: OctoPrint vulnerable to Insufficient Session Expiration.

ghsa: Latest News