GHSA-g9jg-w8vm-g96v: Trix has a stored XSS vulnerability through its attachment attribute

GHSA-rwc2-f344-q6w6: serverless MCP Server vulnerable to Command Injection in list-projects tool

GHSA-wcj4-jw5j-44wh: CBORDecoder reuse can leak shareable values across decode calls

GHSA-95qg-89c2-w5hj: theshit vulnerable to unsafe loading of user-owned Python rules when running as root

GHSA-7rvh-xqp3-pr8j: ImageMagick's failure to limit MVG mutual causes Stack Overflow

answerdev/answer is an open-source knowledge-based community software. Answer prior to 1.0.8 may expose sensitive information, such as EXIF data and GPS coordatinates, via image metadata.

**Answer vulnerable to Exposure of Sensitive Information Through Metadata**

High severity GitHub Reviewed Published Apr 11, 2023 to the GitHub Advisory Database • Updated Apr 11, 2023

Headline

GHSA-8jg3-rx43-3fv4: Answer vulnerable to Exposure of Sensitive Information Through Metadata

ghsa: Latest News