Crossite scripting, certificate validation issues, vulnerabilities in 3rd party packages.
vulners.com/securityvulns/securityvulns:doc:31491