GHSA-7xqm-7738-642x: File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing

GHSA-7mcq-f592-pf7v: Slice Ring Buffer and Slice Deque contains four unique double-free vulnerabilities triggered through safe APIs

GHSA-7xwp-2cpp-p8r7: File Browser’s insecure JWT handling can lead to session replay attacks after logout

GHSA-vhvx-8xgc-99wf: DSpace is vulnerable to Path Traversal attacks when importing packages using Simple Archive Format

GHSA-jjwr-5cfh-7xwh: DSpace is vulnerable to XML External Entity injection during archive imports 

TCPDF before 6.7.4 mishandles calls that use HTML syntax.

**TCPDF Cross-site Scripting vulnerability**

Moderate severity GitHub Reviewed Published Apr 15, 2024 to the GitHub Advisory Database • Updated Apr 15, 2024

Headline

GHSA-g9wg-98c2-qv3v: TCPDF Cross-site Scripting vulnerability

ghsa: Latest News