GHSA-3qhf-m339-9g5v: MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

GHSA-j975-95f5-7wqh: MCP Python SDK has Unhandled Exception in Streamable HTTP Transport ,Leading to Denial of Service

GHSA-j4rj-fgcq-wmqp: Cockpit - Content Platform vulnerable to XSS through name or email argument names

GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext

GHSA-prmv-7r8c-794g: Citizen vulnerable to Stored XSS through short descriptions

Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of CVE-2022-25912.

**Remote code execution in simple-git**

High severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 27, 2023

Headline

GHSA-9w5j-4mwv-2wj8: Remote code execution in simple-git

ghsa: Latest News