I know this is pretty new, but is Ignition affected by CVE-2023-5129? Looks like it was a lower score before as a different CVE but is now a 10.
https://nvd.nist.gov/vuln/detail/CVE-2023-5129
Edit:
Another link explaining a bit of history of this CVE and other software affected: https://www.cyberkendra.com/2023/09/webp-0day-google-assign-new-cve-for.html?m=1