GHSA-w252-645g-87mp: Openfire has potential identity spoofing issue via unsafe CN parsing

GHSA-frh7-2f84-v9mw: is-arrayish@0.3.3 contains malware after npm account takeover

GHSA-6jp5-hh4c-8c5h: error-ex@1.3.3 contains malware after npm account takeover

GHSA-pxx3-g568-hxr4: color-convert@3.1.1 contains malware after npm account takeover

GHSA-5fvm-p68v-5wmh: color-name@2.0.1 contains malware after npm account takeover

util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.

**Path Traversal in Moby builder**

Moderate severity GitHub Reviewed Published Jan 31, 2024 to the GitHub Advisory Database • Updated Jan 31, 2024

Headline

GHSA-6hwg-w5jg-9c6x: Path Traversal in Moby builder

ghsa: Latest News