GHSA-vx9q-rhv9-3jvg: aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

GHSA-3jp5-5f8r-q2wg: Vuetify has a Prototype Pollution vulnerability

GHSA-9w3x-85mw-4fwm: Vuetify has a Cross-site Scripting (XSS) vulnerability in the VDatePicker component

GHSA-m5gv-vj3f-6v2p: Liferay Portal and DXP Instance Admin can execute code using Objects Actions and Validations

GHSA-55jh-84jv-8mx8: Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule

Pypi package scout-browser (GitHub repository clinical-genomics/scout) prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting.

**Server-Side Request Forgery in scout-browser**

High severity GitHub Reviewed Published May 6, 2022 • Updated May 24, 2022

Headline

GHSA-g53g-q539-93cv: Server-Side Request Forgery in scout-browser

ghsa: Latest News