GHSA-6qhv-4h7r-2g9m: rfc3161-client has insufficient verification for timestamp response signatures

GHSA-g3qg-6746-3mg9: zkVM Underconstrained Vulnerability

GHSA-93c7-7xqw-w357: Pingora has a Request Smuggling Vulnerability

GHSA-vrw8-fxc6-2r93: chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes

GHSA-qwwm-c582-82rx: Mattermost allows unauthorized channel member management through playbook runs

In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability.

**MTProto proxy remote code execution vulnerability**

High severity GitHub Reviewed Published Oct 10, 2023 to the GitHub Advisory Database • Updated Oct 10, 2023

Headline

GHSA-738q-mc72-2q22: MTProto proxy remote code execution vulnerability

Related news

ghsa: Latest News