GHSA-hc55-p739-j48w: @modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

GHSA-q66q-fx2p-7w4m: @modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

GHSA-h34r-jxqm-qgpr: juju/utils leaks private key in certs

GHSA-xg8h-j46f-w952: Pillow vulnerability can cause write buffer overflow on BCn encoding

GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

### Impact

Adversary can initiate DOS attack by broadcasting two consecutive blocks with timestamps in the future. 

### Patches

Please upgrade to v0.34.1

**Nervos CKB node panics when processing a block which parent timestamp is too new**

High severity GitHub Reviewed Published Jul 22, 2020 in nervosnetwork/ckb • Updated Feb 2, 2024

Headline

GHSA-hjqq-29pw-96wj: Nervos CKB node panics when processing a block which parent timestamp is too new

Impact

Patches

ghsa: Latest News