v0.40.0
Release date: 2021-01-22 03:17:54
gsamokovarov/jump latest release: v0.51.0 (2022-08-08 02:24:47)
Do you use Jump's autocompletion? I don't... but lots of Jump users do. If you happen to be one of the lots and tried to autocomplete creatively named directories consisting of shell-significant characters, the completion wouldn't work. Even worse, the completion could have triggered a shell command with specially crafted directory names, and that's not good. Not good at all. It's a security issue!
Say you have the following directories indexed by jump already:
/Users/genadi/Test/
├── $\ dolla\ billz,\ yo!
├── $(mkdir\ Test2;\ echo\ you\ have\ been\ pwnd\ >&2)
└── test\ folder\ with\ `\ and\ -\ "\ all\ that\ jazz
j jazz<Tab> would not have opened the directory, but would have waited for you to close the ` or " quotes:
$ j /Users/genadi/Test/test folder with ` and - " all that jazz
>
j dolla<Tab> would have left you in /Users/genadi/Test:
$ j /Users/genadi/Test/$ dolla billz, yo!
$ pwd
/Users/genadi/Test
... and worst of all, j pwnd<Tab> would have hacked you! Creating a folder on its own is not that harmful, but running any available command with the permissions of the current user is!
$ ls
Desktop Documents Library Music Public 'VirtualBox VMs'
Developer Downloads Movies Pictures Test bin
$ j /Users/genadi/Test/$(mkdir Test2; echo you have been pwnd >&2)
you have been pwnd
$ ls ~
Desktop Documents Library Music Public Test2 bin
Developer Downloads Movies Pictures Test 'VirtualBox VMs'
All of this is fixed in Jump 0.40.0 by escaping the autocompletion. Running j pwnd<Tab> now does:
$ ls
Desktop Documents Library Music Public 'VirtualBox VMs'
Developer Downloads Movies Pictures Test bin
$ j '/Users/genadi/Test/$(mkdir Test2; echo you have been pwnd >&2)'
$ pwd
/Users/genadi/Test/$(mkdir Test2; echo you have been pwnd >&2)
$ ls ~
Desktop Documents Library Music Public 'VirtualBox VMs'
Developer Downloads Movies Pictures Test bin
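To show the kind of escaping that makes the completion above safe, here is an added Go example (illustrative code, not Jump's own implementation): a single-quote escaper for completion candidates, where a candidate is handed to the shell as one literal word and a quote inside the name becomes '\''. The directory names are constructed after the ones in this note.

```go
package main

import (
	"fmt"
	"strings"
)

// shellQuote wraps a completion candidate in single quotes so the shell takes
// every character literally: no $(...) or backtick command substitution, no
// parameter expansion, no word splitting. A single quote cannot appear inside
// single quotes, so it is emitted as '\'' (close, escaped quote, reopen).
func shellQuote(s string) string {
	if s == "" {
		return "''"
	}
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

// needsQuoting reports whether a candidate contains any character the shell
// might interpret, so plain paths can be returned untouched.
func needsQuoting(s string) bool {
	return strings.ContainsAny(s, " \t\n$`\"'\\!&|;<>()*?[]{}#~")
}

// completionLine builds the command line a completer hands back to the shell
// for a chosen directory (hypothetical helper, assumed for this example).
func completionLine(dir string) string {
	if needsQuoting(dir) {
		return "j " + shellQuote(dir)
	}
	return "j " + dir
}

func main() {
	// Constructed inputs mirroring the directory names from the release note.
	for _, d := range []string{
		"/Users/genadi/Test/$(mkdir Test2; echo you have been pwnd >&2)",
		"/Users/genadi/Test/$ dolla billz, yo!",
		"/Users/genadi/Test/test folder with ` and - \" all that jazz",
		"/Users/genadi/Test/it's here",
		"/Users/genadi/Test/plain",
	} {
		fmt.Println(completionLine(d))
	}
}
```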
Please, make sure to upgrade to 0.40.0 as soon as you can.
1. jump-0.40.0-1.x86_64.rpm 1.9MB
2. jump_0.40.0_amd64.deb 1.89MB
3. jump_linux_amd64_binary 3.61MB
4. jump_linux_arm_binary 3.31MB
5. jump_osx 3.55MB