GHSA-hhw4-xg65-fp2x: serde_yml crate is unsound and unmaintained

GHSA-gfxp-f68g-8x78: LibYML: `libyml::string::yaml_string_extend` is unsound and unmaintained

GHSA-qj3p-xc97-xw74: MetaMask SDK indirectly exposed via malicious debug@4.4.2 dependency

GHSA-95hm-pr6q-298w: fast-able is vulnerable to DoS attack through insecure method

GHSA-f3hf-r62c-mfrj: Liferay Portal: Missing Rate Limiting in GraphQL Endpoint Enables Resource Exhaustion Attack

HashiCorp go-slug before 0.5.0 does not address attempts at directory traversal involving ../ and symlinks.

**Unsafe tar unpacking in HashiCorp go-slug**

High severity GitHub Reviewed Published Feb 6, 2023 to the GitHub Advisory Database • Updated Feb 6, 2023

Headline

GHSA-2g5j-5x95-r6hr: Unsafe tar unpacking in HashiCorp go-slug

ghsa: Latest News