GHSA-r6f3-55wj-g9p3: WSO2 Identity Server Apps allows content spoofing in logs

GHSA-46v4-5mc8-q2cf: GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability

GHSA-3wgq-wrwc-vqmv: astral-tokio-tar has a path traversal in tar extraction

GHSA-wcwh-7gfw-5wrr: Http4s vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section

GHSA-4w7r-h757-3r74: Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

An issue was discovered in the bsock component of bcoin-org bcoin that allows remote attackers to obtain sensitive information via weak hashing algorithms in the component `\vendor\faye-websocket.js`.

**bsock uses weak hashing algorithms**

Moderate severity GitHub Reviewed Published Dec 21, 2023 to the GitHub Advisory Database • Updated Dec 21, 2023

Headline

GHSA-jj93-39pf-7mcf: bsock uses weak hashing algorithms

ghsa: Latest News