[CRITICAL] Orchid Deserialization of Untrusted Data vulnerability leads to Remote Code Execution

PKSA-2xng-hhxr-ynpp CVE-2023-36825 GHSA-ph6g-p72v-pc3p

Affected version: >=14.0.0-alpha4,<14.5.0

Reported by:
GitHub

[HIGH] Inline attribute values were not processed.

PKSA-g55w-v7j4-zds7 CVE-2020-15263 GHSA-589w-hccm-265x

Affected version: >=9.0.0,<9.4.4

Reported by:
GitHub