GHSA-p8cm-mm2v-gwjm: Monai: Unsafe use of Pickle deserialization may lead to RCE

GHSA-6vm5-6jv9-rjpj: MONAI: Unsafe torch usage may lead to arbitrary code execution

GHSA-x6ww-pf9m-m73m: MONAI does not prevent path traversal, potentially leading to arbitrary file writes

GHSA-72cm-7236-h43r: TinyEnv: Inline comments not stripped properly in .env values

GHSA-3j7m-5g4q-gfpc: TinyEnv: Missing .env file not required — may cause unexpected behavior

An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.

**TCPDF has incorrect comparison**

Moderate severity GitHub Reviewed Published Dec 27, 2024 to the GitHub Advisory Database • Updated Dec 27, 2024

Headline

GHSA-w95c-7994-ghpr: TCPDF has incorrect comparison

ghsa: Latest News