GHSA-55Q8-2GWX-29PC Ella Core Panics during NAS Authentication Response/Failure with missing IEs

Summary Ella Core panics when processing Authentication Response and Authentication Failure NAS message missing IEs. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fi...

DOMPurify contains a Cross-site Scripting vulnerability

DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in 2.5.9 and 3.3.2, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five missing rawtext elements noscript, xmp, noembed, noframes, iframe in the SAFEFORXML regex...

GHSA-V2WJ-7WPQ-C8VV DOMPurify contains a Cross-site Scripting vulnerability

DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in 2.5.9 and 3.3.2, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five missing rawtext elements noscript, xmp, noembed, noframes, iframe in the SAFEFORXML regex...

GO-2024-2597 Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb

Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb...