GHSA-wf8f-6423-gfxg: Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

GHSA-cwwm-hr97-qfxm: SpiceDB checks involving relations with caveats can result in no permission when permission is expected

GHSA-cvx7-x8pj-x2gw: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification

GHSA-qx7g-fx8q-545g: Para Inserts Sensitive Information into Log File for Facebook authentication

GHSA-jq8x-v7jw-v675: Duplicate Advisory: users may append `root` to group listings

Online Media Asset Handling (*`.youtube` and *`.vimeo` files) in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a dysfunctional backend component. A valid backend user account or write access on the server system (e.g. SFTP) is needed in order to exploit this vulnerability.

**TYPO3 Denial of Service in Online Media Asset Handling**

Moderate severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database

Headline

GHSA-f3wf-q4fj-3gxf: TYPO3 Denial of Service in Online Media Asset Handling

ghsa: Latest News