GHSA-vh5j-5fhq-9xwg: Taylor has race condition in /get-patch that allows purchase token replay

GHSA-jfj7-249r-7j2m: TabberNeue vulnerable to Stored XSS through wikitext

GHSA-m435-9v6r-v5f6: MobSF vulnerability allows SSRF due to the allow_redirects=True parameter

GHSA-fv92-fjc5-jj9h: mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

GHSA-277f-37gw-9gmq: raspap-webgui has a Directory Traversal vulnerability

Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the `theProcess()` functionality due to improper user-input sanitization.

**exec-local-bin vulnerable to Command Injection**

High severity GitHub Reviewed Published Jan 6, 2023 • Updated Jan 9, 2023

Headline

GHSA-f259-h6m8-hm8m: exec-local-bin vulnerable to Command Injection

Related news

ghsa: Latest News