GHSA-83jg-m2pm-4jxj: Cowrie has a SSRF vulnerability in wget/curl emulation enabling DDoS amplification

GHSA-f43r-cc68-gpx4: External Control of File Name or Path in Langflow

GHSA-5993-7p27-66g5: Langflow vulnerable to Server-Side Request Forgery

GHSA-24v3-254g-jv85: Tuta Mail has DOM attribute and CSS injection in its Contact Viewer feature

GHSA-4hx9-48xh-5mxr: Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.

**Jeecg Boot SQL injection vulnerability**

Moderate severity GitHub Reviewed Published Dec 30, 2023 to the GitHub Advisory Database • Updated Jan 3, 2024

Headline

GHSA-5v9r-788c-wc8p: Jeecg Boot SQL injection vulnerability

ghsa: Latest News