GHSA-g59r-24g3-h7cm: Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation

GHSA-29xp-372q-xqph: node-tar has a race condition leading to uninitialized memory exposure

GHSA-fj2x-735w-74vq: gnark-crypto allows unchecked memory allocation during vector deserialization

GHSA-cf57-c578-7jvv: Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode

GHSA-xgp7-7qjq-vg47: n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook

GJSON < 1.6.6 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.

**Improper Validation of Array Index in GJSON**

High severity GitHub Reviewed Published Feb 6, 2023 to the GitHub Advisory Database • Updated Feb 6, 2023

Headline

GHSA-p64j-r5f4-pwwx: Improper Validation of Array Index in GJSON

ghsa: Latest News