Please do not publish security vulnerabilities publicly until we've had a chance to address them. All security related issues/patches should be sent directly to security@overleaf.com where we will attempt to address them quickly. If you're unsure whether something is a security issue or not, then please be cautious and contact us at security@overleaf.com first.
Security: overleaf/overleaf
Security
SECURITY.md
-
Arbitrary language parameter can passed to `aspell` executable via spelling requestsGHSA-pxm4-p454-vppg published
Sep 2, 2024 by mans0954Moderate -
Insecure default setting for Server Pro installed via Overleaf toolkit before 2024-07-17 and docker-compose before 2024-08-28GHSA-m95q-g8qg-wgj4 published
Sep 2, 2024 by mans0954High
Learn more about advisories related to overleaf/overleaf in the GitHub Advisory Database