Erlang/OTP -- SFTP READLINK discloses server filesystem paths

https://github.com/erlang/otp/security/advisories/GHSA-pv7g-pjrq-x2fh reports: The SSH SFTP daemon's handling of SSHFXPREADLINK returned symbolic link targets containing the server's absolute filesystem path, disclosing the backend root prefix to clients. The handler now strips the backend root...

Fortra GoAnywhere 安全漏洞

Fortra GoAnywhere is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere versions prior to 7.8.0, which stems from an error message containing an absolute server path that could lead to application mapping ambiguity testing...