GHSA-9rcw-c2f9-2j55: OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

GHSA-76c9-3jph-rj3q: on-headers is vulnerable to http response header manipulation

GHSA-fjgf-rc76-4x9p: Multer vulnerable to Denial of Service via unhandled exception from malformed request

GHSA-29cq-5w36-x7w3: Livewire is vulnerable to remote command execution during component property update hydration

GHSA-hfj7-542q-8fvv: DiracX-Web is vulnerable to attack through an Open Redirect on its login page

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request

**Mage AI Path Traversal vulnerability**

Moderate severity GitHub Reviewed Published Aug 23, 2024 to the GitHub Advisory Database • Updated Aug 23, 2024

Headline

GHSA-4mrc-w7jh-hx4j: Mage AI Path Traversal vulnerability

ghsa: Latest News