GHSA-6gvq-jcmp-8959: ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

GHSA-r7v6-mfhq-g3m2: Fickling has Code Injection vulnerability via pty.spawn()

GHSA-565g-hwwr-4pp3: Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list

GHSA-84h7-rjj3-6jx4: Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder

GHSA-3pmh-24wp-xpf4: Weblate has Systematic User and Project Enumeration via Broken Authorization in REST API (IDOR)

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

**Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.**

Moderate severity GitHub Reviewed Published Feb 2, 2024 to the GitHub Advisory Database • Updated Feb 2, 2024

Headline

GHSA-v269-rrr6-cx6r: Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

ghsa: Latest News