Mar 13 CVE-2023-28120 (activesupport): Possible XSS Security Vulnerability in SafeBuffer#bytesplice posted in •
Mar 13 CVE-2023-27539 (rack): Possible Denial of Service Vulnerability in Rack’s header parsing posted in •
Jan 28 CVE-2023-23627 (sanitize): Improper neutralization of `noscript` element content may allow XSS in Sanitize posted in •
Jan 24 GHSA-636f-xm5j-pj9m (commonmarker): Several quadratic complexity bugs may lead to denial of service in Commonmarker posted in •
Jan 20 GHSA-q95h-cqrv-8jv5 (exiftool_vendored): ExifTool vulnerable to arbitrary code execution posted in •