GHSA-3w94-vq2x-v5wr: ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions

GHSA-m43g-m425-p68x: junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener 

GHSA-hc55-p739-j48w: @modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

GHSA-q66q-fx2p-7w4m: @modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

GHSA-h34r-jxqm-qgpr: juju/utils leaks private key in certs

GJSON < 1.6.6 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.

**Improper Validation of Array Index in GJSON**

High severity GitHub Reviewed Published Feb 6, 2023 to the GitHub Advisory Database • Updated Feb 6, 2023

Headline

GHSA-p64j-r5f4-pwwx: Improper Validation of Array Index in GJSON

ghsa: Latest News