GHSA-hjq4-87xh-g4fv: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service

GHSA-22c2-9gwg-mj59: Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store

GHSA-jqq5-wc57-f8hj: Langroid has a Code Injection vulnerability in TableChatAgent

GHSA-r683-v43c-6xqv: samlify SAML Signature Wrapping attack

GHSA-5j3w-5pcr-f8hg: Symfony UX allows unsanitized HTML attribute injection via ComponentAttributes

Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server.

This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0.

Users are recommended to upgrade to version 1.5.0, which fixes the issue.

**Apache HugeGraph-Server: Fixed JWT Token (Secret)**

Moderate severity GitHub Reviewed Published Dec 24, 2024 to the GitHub Advisory Database • Updated Dec 26, 2024

Headline

GHSA-f697-gm3h-xrf9: Apache HugeGraph-Server: Fixed JWT Token (Secret)

ghsa: Latest News