GHSA-wphj-fx3q-84ch: systeminformation has a Command Injection vulnerability in fsSize() function on Windows

GHSA-3f5f-xgrj-97pf: Parse Server is vulnerable to Server-Side Request Forgery (SSRF) via Instagram OAuth Adapter

GHSA-cfpf-hrx2-8rv6: Expr has Denial of Service via Unbounded Recursion in Builtin Functions

GHSA-g239-q96q-x4qm: @vitejs/plugin-rsc has an Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint

GHSA-c623-f998-8hhv: SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference

An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the `mutIn` and `mutInManyUnsafe` components.

**@thi.ng/paths Prototype Pollution vulnerability**

High severity GitHub Reviewed Published Mar 25, 2024 to the GitHub Advisory Database • Updated Mar 25, 2024

Headline

GHSA-8ppr-www8-hfjx: @thi.ng/paths Prototype Pollution vulnerability

ghsa: Latest News