GHSA-CPJ3-3R2F-XJ59 OpenBao has Reflected XSS in its OIDC authentication error message
Impact: OpenBao installations that have an OIDC/JWT authentication method enabled and a role with callback_mode=direct configured are vulnerable to XSS via the error_description parameter on the page for a failed authentication. This allows an attacker access to the token used in the Web UI by a...
PYSEC-2021-712
TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling...