curl: inconsistently Rejection Logic in file:// URLs with Authority

curl's file:// protocol handler inconsistently applies path sanitization. in reject file://../ as Bad File:// URL" but allows the same traversal when an authority/host e.g.,localhost is present file://localhost/../. this inconsistency misleads developers who rely on the bad file:// URL error for...

CVE-2022-47544

An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed...