Docker
CVE-2026-42353
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
1Blast Radius
ecosystem impact- 1 npm packages depend on i18next-http-middleware (1 direct, 0 indirect)
Ecosystem-wide dependent count for version 3.9.3.
DescriptionGitHub Advisory
Summary
Versions of i18next-http-middleware prior to 3.9.3 pass the user-controlled lng and ns values from getResourcesHandler directly into i18next.services.backendConnector.load(languages, namespaces, …) without any sanitisation. Depending on which backend is configured, the unvalidated path segments enable one of two attacks:
- Filesystem path traversal when the middleware is paired with
i18next-fs-backend(or any backend that interpolateslng/nsinto a filesystem path). - Server-Side Request Forgery (SSRF) when the middleware is paired with
i18next-http-backend(or any backend that interpolates into an HTTP URL).
Example request:
GET /locales/resources.json?lng=../../etc/passwd&ns=rootwith i18next-fs-backend reads the attacker-chosen file from disk; with i18next-http-backend reshapes the outgoing URL to target an internal service.
Impact
- Arbitrary file read via
fs-style backends - any file the Node process can read becomes reachable (source, configuration,.sshkeys,.env, Docker secrets, etc.). - SSRF via
http-style backends - requests to internal IPs / hostnames not normally reachable from the internet; combined with cloud metadata endpoints this can escalate to credential theft. - Unbounded growth of
i18next.options.ns- a now-incidental amplification: the pre-patchgetResourcesHandlerpushed every uniquensvalue into the sharedi18next.options.nssingleton array without validation or bounds, enabling memory exhaustion from repeated unique payloads.
The severity is bounded by the backend in place, but the middleware itself exposed the unsanitised path; this is the "weakest link" layer.
Affected versions
< 3.9.3.
Patch
Fixed in 3.9.3. The patch introduces utils.isSafeIdentifier and applies it in getResourcesHandler before lng and ns reach the backend connector:
languages = languages.filter(utils.isSafeIdentifier)
namespaces = namespaces.filter(utils.isSafeIdentifier)isSafeIdentifier uses a denylist approach - it still accepts any legitimate i18next language-code shape (i18next FAQ) - rejecting:
..sequences (relative path traversal)- path separators (
/,\) - control characters (C0/C1)
- prototype keys (
__proto__/constructor/prototype) - empty strings and values longer than 128 characters
Unsafe values are dropped; only safe values reach the backend. The fix is a defence-in-depth layer on top of any sanitisation the backend itself may apply.
Workarounds
No workaround short of upgrading. Front-proxying the middleware with a WAF rule that rejects requests containing .., /, \, or URL-structure characters in lng / ns is a partial mitigation. Upgrading the configured backend (i18next-fs-backend ≥ 2.6.4, i18next-http-backend ≥ 3.0.5) also closes the same attack at the next layer.
Related advisories fixed in the same release
- GHSA-5fgg-jcpf-8jjw - prototype pollution via
setPathandmissingKeyHandler. Independently fixable, filed separately per CNA rules. - GHSA-c3h8-g69v-pjrg - HTTP response splitting + XSS-filter bypass (CVE-2026-41683).
Credits
Discovered via an internal security audit of the i18next ecosystem.
Resources
- CWE-22: Path Traversal
- CWE-918: Server-Side Request Forgery (SSRF) (specific sub-case when paired with an HTTP backend)
- i18next FAQ: language code formatting
Analysis
Summary
Versions of i18next-http-middleware prior to 3.9.3 pass the user-controlled lng and ns values from getResourcesHandler directly into i18next.services.backendConnector.load(languages, namespaces, …) without any sanitisation. Depending on which backend is configured, the unvalidated path segments enable one of two attacks:
- Filesystem path traversal when the middleware is paired with
i18next-fs-backend(or any backend that interpolateslng/nsinto a filesystem path). - Server-Side Request Forgery (SSRF) when the middleware is paired with
i18next-http-backend(or any backend that interpolates into an HTTP URL).
Example request:
GET /locales/resources.json?lng=../../etc/passwd&ns=rootwith i18next-fs-backend reads the attacker-chosen file from disk; with i18next-http-backend reshapes the outgoing URL to target an internal service.
Impact
- Arbitrary file read via
fs-style backends - any file the Node process can read becomes reachable (source, configuration,.sshkeys,.env, Docker secrets, etc.). - SSRF via
http-style backends - requests to internal IPs / hostnames not normally reachable from the internet; combined with cloud metadata endpoints this can escalate to credential theft. - Unbounded growth of
i18next.options.ns- a now-incidental amplification: the pre-patchgetResourcesHandlerpushed every uniquensvalue into the sharedi18next.options.nssingleton array without validation or bounds, enabling memory exhaustion from repeated unique payloads.
The severity is bounded by the backend in place, but the middleware itself exposed the unsanitised path; this is the "weakest link" layer.
Affected versions
< 3.9.3.
Patch
Fixed in 3.9.3. The patch introduces utils.isSafeIdentifier and applies it in getResourcesHandler before lng and ns reach the backend connector:
languages = languages.filter(utils.isSafeIdentifier)
namespaces = namespaces.filter(utils.isSafeIdentifier)isSafeIdentifier uses a denylist approach - it still accepts any legitimate i18next language-code shape (i18next FAQ) - rejecting:
..sequences (relative path traversal)- path separators (
/,\) - control characters (C0/C1)
- prototype keys (
__proto__/constructor/prototype) - empty strings and values longer than 128 characters
Unsafe values are dropped; only safe values reach the backend. The fix is a defence-in-depth layer on top of any sanitisation the backend itself may apply.
Workarounds
No workaround short of upgrading. Front-proxying the middleware with a WAF rule that rejects requests containing .., /, \, or URL-structure characters in lng / ns is a partial mitigation. Upgrading the configured backend (i18next-fs-backend ≥ 2.6.4, i18next-http-backend ≥ 3.0.5) also closes the same attack at the next layer.
Related advisories fixed in the same release
- GHSA-5fgg-jcpf-8jjw - prototype pollution via
setPathandmissingKeyHandler. Independently fixable, filed separately per CNA rules. - GHSA-c3h8-g69v-pjrg - HTTP response splitting + XSS-filter bypass (CVE-2026-41683).
Credits
Discovered via an internal security audit of the i18next ecosystem.
Resources
- CWE-22: Path Traversal
- CWE-918: Server-Side Request Forgery (SSRF) (specific sub-case when paired with an HTTP backend)
- i18next FAQ: language code formatting
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac
Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve
Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at
Same weakness CWE-22 – Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-jfgf-83c5-2c4m