GHSA-wf8f-6423-gfxg: Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

GHSA-cwwm-hr97-qfxm: SpiceDB checks involving relations with caveats can result in no permission when permission is expected

GHSA-cvx7-x8pj-x2gw: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification

GHSA-qx7g-fx8q-545g: Para Inserts Sensitive Information into Log File for Facebook authentication

GHSA-jq8x-v7jw-v675: Duplicate Advisory: users may append `root` to group listings

Failing to properly validate user input, the form component is susceptible to Arbitrary File Disclosure. A valid backend user account is needed to exploit this vulnerability. Only forms are vulnerable, which contain upload fields.

**Typo3 Arbitrary File Disclosure in Form Component**

Moderate severity GitHub Reviewed Published Jun 4, 2024 to the GitHub Advisory Database • Updated Jun 4, 2024

Headline

GHSA-wrpf-2x8h-82gr: Typo3 Arbitrary File Disclosure in Form Component

ghsa: Latest News