We have just published JSA-2022-0002 and JSA-2022-0003, security advisories with critical and medium severity.
These advisories affect the jicofo (critical) and jigasi (medium) projects.
The issue mentioned in the advisories has already been fixed in the last stable releases.