CVE-2025-21620 Deno's authorization headers not dropped when redirecting cross-origin

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. When you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Deno'sfetch redirect handling creates a follow-up redirect request that keeps the original...

PT-2015-7712

Name of the Vulnerable Software and Affected Versions ARM mbed TLS versions 1.3.x through 1.3.13 ARM mbed TLS versions 2.x through 2.1.1 Description The issue is related to a heap-based buffer overflow in ARM mbed TLS, which can be triggered by remote SSL servers. This occurs when a long session...