GHSA-287x-9rff-qvcg: Rust Web Push is vulnerable to a DoS attack via a large integer in a Content-Length header

GHSA-3qhf-m339-9g5v: MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

GHSA-j975-95f5-7wqh: MCP Python SDK has Unhandled Exception in Streamable HTTP Transport ,Leading to Denial of Service

GHSA-794x-8x6x-qpfc: Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

GHSA-j4rj-fgcq-wmqp: Cockpit - Content Platform vulnerable to XSS through name or email argument names

Affected versions of this crate called `mem::zeroed()` to create values of a user-supplied type `T`.
This is unsound e.g. if `T` is a reference type (which must be non-null).
 
The flaw was corrected by avoiding the use of `mem::zeroed()`, using `MaybeUninit` instead.


**\`SegQueue\` creates zero value of any type**

Moderate severity GitHub Reviewed Published Jun 16, 2022 • Updated Jun 16, 2022

Headline

GHSA-8gj8-hv75-gp94: `SegQueue` creates zero value of any type

ghsa: Latest News