GHSA-m43g-m425-p68x: junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener 

GHSA-hc55-p739-j48w: @modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

GHSA-q66q-fx2p-7w4m: @modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

GHSA-h34r-jxqm-qgpr: juju/utils leaks private key in certs

GHSA-xg8h-j46f-w952: Pillow vulnerability can cause write buffer overflow on BCn encoding

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component.

**OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack**

Moderate severity GitHub Reviewed Published Apr 12, 2024 to the GitHub Advisory Database • Updated Apr 12, 2024

Headline

GHSA-jx7x-9r98-h5xr: OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack

ghsa: Latest News