CWE-185

Incorrect Regular Expression

7 CVEs, average CVSS 6.5 (MITRE): 1 critical, 2 high, 4 medium, 0 low; 2 with public PoC, 0 in CISA KEV.

CVE-2026-33418 HIGH PATCH This Week

A regex-based bypass in the @dicebear/converter npm package lets attackers circumvent SVG dimension sanitization by placing decoy <svg tags inside other XML constructs, so the sanitizer's regex matches the decoy rather than the element that is actually rendered. Applications that use @dicebear/converter on Node.js to process untrusted SVG input are exposed to denial of service through unbounded memory allocation when the malformed SVG is rendered. The CVSS 7.5 score reflects high availability impact over a network-accessible vector that requires neither authentication nor user interaction.

Denial Of Service Node.js
NVD GitHub VulDB
CVSS 3.1 7.5 | EPSS 0.0%
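
The decoy-tag problem above in working code. This is an added example, not @dicebear/converter's code: a dimension check that regex-matches the first `<svg` in the document beside a locator that first skips comments, CDATA sections and processing instructions and reads the first real element. The comment placement of the decoy, the `MAX_DIM` limit and the constructed `DECOY_SVG` input are assumptions for illustration.

```javascript
// Added example, not @dicebear/converter's code. Shows why a dimension check
// that regex-matches the first "<svg" in the document can be fooled by a decoy
// <svg inside another XML construct (a comment here; an assumed instance of
// the bypass described above), and a locator that skips those constructs.

const MAX_DIM = 4096; // assumed upper bound a sanitizer would enforce

// Vulnerable: trusts the first "<svg ... width= ... height=" the regex finds,
// wherever it sits in the document.
function dimsFromFirstMatch(svg) {
  const m = /<svg\b[^>]*?\bwidth="(\d+)"[^>]*?\bheight="(\d+)"/i.exec(svg);
  return m ? { width: Number(m[1]), height: Number(m[2]) } : null;
}

// Hardened: walk past comments, CDATA sections and processing instructions,
// refuse DOCTYPE (never needed for SVG, and a vector for entity tricks), and
// read width/height from the first real element, which must be <svg>.
function dimsFromRootElement(svg) {
  let i = 0;
  for (;;) {
    const lt = svg.indexOf("<", i);
    if (lt < 0) return null;
    const rest = svg.slice(lt);
    let end;
    if (rest.startsWith("<!--")) {
      end = svg.indexOf("-->", lt + 4);
      if (end < 0) return null;
      i = end + 3;
    } else if (rest.startsWith("<![CDATA[")) {
      end = svg.indexOf("]]>", lt + 9);
      if (end < 0) return null;
      i = end + 3;
    } else if (rest.startsWith("<?")) {
      end = svg.indexOf("?>", lt + 2);
      if (end < 0) return null;
      i = end + 2;
    } else if (rest.startsWith("<!")) {
      return null; // DOCTYPE or other declaration: reject outright
    } else {
      const tag = /^<([A-Za-z_][\w.:-]*)([^>]*?)\/?>/.exec(rest);
      if (!tag || tag[1] !== "svg") return null; // root must be <svg>
      const attrs = {};
      const attrRe = /([\w.:-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g;
      let a;
      while ((a = attrRe.exec(tag[2])) !== null) {
        attrs[a[1]] = a[2] !== undefined ? a[2] : a[3];
      }
      // Only plain numbers are accepted; units or percentages are rejected.
      const num = (v) => (v !== undefined && /^\d+(\.\d+)?$/.test(v) ? Number(v) : null);
      const width = num(attrs.width);
      const height = num(attrs.height);
      return width === null || height === null ? null : { width, height };
    }
  }
}

function withinLimits(dims) {
  return dims !== null && dims.width <= MAX_DIM && dims.height <= MAX_DIM;
}

// Constructed input: a harmless-looking <svg> inside a comment, followed by
// the real root element with dimensions that would exhaust memory on render.
const DECOY_SVG =
  '<!-- <svg width="100" height="100"> -->\n' +
  '<svg xmlns="http://www.w3.org/2000/svg" width="100000" height="100000"></svg>';

const vulnerableVerdict = withinLimits(dimsFromFirstMatch(DECOY_SVG)); // true: bypassed
const hardenedVerdict = withinLimits(dimsFromRootElement(DECOY_SVG)); // false: rejected
```

The hardened locator still rejects anything it does not understand (unterminated constructs, a DOCTYPE, a non-svg root), which is the right default for a sanitizer: an input it cannot place should not reach the renderer.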

CVE-2026-27895 MEDIUM This Month

Insufficient file extension validation in the PDF export component of LDAP Account Manager before version 9.5 lets authenticated attackers upload arbitrary file types, including PHP files, to the server. Combined with GHSA-w7xq-vjr3-p9cf, this yields remote code execution with web server privileges. Affected users should upgrade to version 9.5 or, as a mitigation, remove the web server's write access to the LAM configuration directory.

PHP RCE
NVD GitHub VulDB
CVSS 3.1 4.3 | EPSS 0.1%

CVE-2026-3419 MEDIUM PATCH This Month

Fastify accepts malformed Content-Type values that violate RFC 9110 by carrying trailing characters after the media type. When regex-based content-type parsing is enabled, a request with a header such as "application/json garbage" is processed as if it were valid instead of being rejected, so an attacker can route requests to a parser that was not meant to handle them and influence its behaviour. No patch was listed when this entry was written; check the linked advisories for a fixed release.

Authentication Bypass Fastify
NVD GitHub VulDB
CVSS 3.1 5.3 | EPSS 0.0%
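
The difference between a loose regex match and a grammar check, as an added example that is not Fastify's code. It implements the RFC 9110 media-type grammar (type "/" subtype *( OWS ";" OWS [parameter] )) in a small parser and contrasts it with a prefix regex of the loose kind at issue; the `SAMPLES` headers are constructed for illustration.

```javascript
// Added example, not Fastify's code. Contrasts a prefix regex content-type
// check with a parser that accepts only the RFC 9110 media-type grammar, so
// trailing junk such as "application/json garbage" is rejected instead of
// being routed as JSON.

const TOKEN = "[!#$%&'*+\\-.^_`|~0-9A-Za-z]+"; // RFC 9110 token
const QUOTED = '"(?:[^"\\\\]|\\\\.)*"'; // RFC 9110 quoted-string
const OWS = "[ \\t]*"; // optional whitespace
const PARAM = "(" + TOKEN + ")=(" + TOKEN + "|" + QUOTED + ")";
const MEDIA_TYPE = new RegExp(
  "^(" + TOKEN + ")/(" + TOKEN + ")((?:" + OWS + ";" + OWS + "(?:" + PARAM + ")?)*)$"
);
const PARAM_RE = new RegExp(OWS + ";" + OWS + "(?:" + PARAM + ")?", "g");

// Returns { type, subtype, params } or null when the whole header value is
// not a valid media-type. Type, subtype and parameter names are lower-cased
// because they are case-insensitive.
function parseMediaType(value) {
  const m = MEDIA_TYPE.exec(value);
  if (!m) return null;
  const params = {};
  for (const p of m[3].matchAll(PARAM_RE)) {
    if (p[1] === undefined) continue; // a bare ";" is permitted by the grammar
    let v = p[2];
    if (v.startsWith('"')) v = v.slice(1, -1).replace(/\\(.)/g, "$1");
    params[p[1].toLowerCase()] = v;
  }
  return { type: m[1].toLowerCase(), subtype: m[2].toLowerCase(), params };
}

// Vulnerable: a prefix match that never looks at what follows the subtype.
function looseIsJson(contentType) {
  return /^application\/json/i.test(contentType);
}

// Hardened: parse the full value, then compare the structured type.
function strictIsJson(contentType) {
  const mt = parseMediaType(contentType);
  return mt !== null && mt.type === "application" && mt.subtype === "json";
}

// Constructed header values showing where the two checks diverge.
const SAMPLES = [
  "application/json",
  "application/json; charset=utf-8",
  "application/json garbage",
  "application/jsonp",
];
function compare() {
  return SAMPLES.map((ct) => ({ ct, loose: looseIsJson(ct), strict: strictIsJson(ct) }));
}
```

Routing on the parsed `type`/`subtype` rather than on a regex over the raw header is what makes the check independent of whatever follows the media type; a regex that must stay in use should at least be anchored at both ends and allow only the parameter grammar after the subtype.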

CVE-2026-25896 CRITICAL POC PATCH Act Now

A regular expression denial of service (ReDoS) in fast-xml-parser: crafted XML input drives catastrophic backtracking in one of the parser's regular expressions, consuming CPU for as long as the match runs. Versions before the fix are affected; a public PoC and a patch are available, so upgrade to the fixed release.

XSS Fast Xml Parser Redhat
NVD GitHub VulDB
CVSS 3.1 9.3 | EPSS 0.0%

CVE-2026-25479 MEDIUM POC PATCH This Month

Litestar before 2.20.0 builds the allowed_hosts middleware's pattern without escaping regex metacharacters in the configured hostnames, so a "." in a configured host matches any character and an attacker can supply a Host value that satisfies the compiled regex while differing from the intended literal hostname. Public exploit code exists for this vulnerability. The flaw undermines the ASGI framework's ability to restrict incoming requests to authorized hosts; upgrade to 2.20.0 or later.

Authentication Bypass Litestar
NVD GitHub
CVSS 3.1 6.5 | EPSS 0.0%
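
The same bug class in working code, as an added example that is not Litestar's code (Litestar is Python; this is a JavaScript illustration of unescaped hostnames in a host allow-list regex). The `*.` wildcard convention in the hardened matcher and the port-stripping helper are assumptions for illustration.

```javascript
// Added example, not Litestar's code: hostnames interpolated into a regex
// without escaping, beside a matcher that escapes every literal and treats
// only an explicit leading "*." (an assumed convention) as a pattern.

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Strip a port from a Host header value ("example.com:8443", "[::1]:8080")
// before matching, and lower-case it; hostnames are case-insensitive.
function hostFromHeader(hostHeader) {
  const h = hostHeader.trim().toLowerCase();
  if (h.startsWith("[")) {
    const close = h.indexOf("]");
    return close < 0 ? null : h.slice(0, close + 1);
  }
  return h.split(":")[0];
}

// Vulnerable: allowed hosts dropped into the pattern verbatim, so "." means
// "any character" and "example.com" also admits "exampleXcom".
function vulnerableMatcher(allowed) {
  const re = new RegExp("^(?:" + allowed.join("|") + ")$", "i");
  return (hostHeader) => re.test(hostFromHeader(hostHeader));
}

// Hardened: every literal host is escaped; a leading "*." becomes one or more
// DNS labels, so "*.example.com" admits "api.example.com" but not
// "api.example.com.evil.net" or "evil-example.com".
function hardenedMatcher(allowed) {
  const parts = allowed.map((h) =>
    h.startsWith("*.")
      ? "(?:[a-z0-9-]+\\.)+" + escapeRegex(h.slice(2))
      : escapeRegex(h)
  );
  const re = new RegExp("^(?:" + parts.join("|") + ")$", "i");
  return (hostHeader) => {
    const host = hostFromHeader(hostHeader);
    return host !== null && re.test(host);
  };
}
```

The failure is easy to miss in review because the configured value looks like a hostname, not a pattern; the check to add is a test that feeds a host with every "." replaced by another character and expects rejection.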

CVE-2026-24398 MEDIUM PATCH This Month

Hono's IP Restriction Middleware does not validate IPv4 octet ranges, so malformed addresses with octet values above 255 pass its checks and can be used to bypass IP-based access controls. Anyone relying on Hono's IP filtering for authentication or authorization is affected. Fixed in version 4.11.7 and later.

Authentication Bypass Hono
NVD GitHub
CVSS 3.1 4.8 | EPSS 0.0%
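
What an octet-range check has to catch, as an added example that is not Hono's code. It pairs a shape-only dotted-quad regex with a parser that enforces 0..255 per octet, and runs both through a CIDR allow-list check. The carry from an octet of 256 into the neighbouring octet is an assumed illustration of how such an address can land inside an allowed range, not Hono's exact code path.

```javascript
// Added example, not Hono's code. Shows how an IPv4 check that only tests the
// dotted-quad shape lets an out-of-range octet through, and one (assumed)
// way such an address can then fall inside an allowed CIDR range.

const SHAPE = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

// Vulnerable: shape only. "192.168.0.256" passes.
function looseParseIPv4(s) {
  const m = SHAPE.exec(s);
  return m ? m.slice(1, 5).map(Number) : null;
}

// Hardened: each octet must be 0..255 with no leading zero (which some
// resolvers read as octal).
function strictParseIPv4(s) {
  const m = SHAPE.exec(s);
  if (!m) return null;
  const octets = [];
  for (const o of m.slice(1, 5)) {
    if (o.length > 1 && o[0] === "0") return null;
    const n = Number(o);
    if (n > 255) return null;
    octets.push(n);
  }
  return octets;
}

// Pack octets into an unsigned 32-bit integer. An octet above 255 overflows
// into the neighbouring octet here, which is exactly what a range check must
// never be handed.
function toUint32(octets) {
  return ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
}

// True when the octets fall inside "a.b.c.d/bits" (a bare address means /32).
function inCidr(octets, cidr) {
  const [net, bitsStr] = cidr.split("/");
  const bits = bitsStr === undefined ? 32 : Number(bitsStr);
  const netOctets = strictParseIPv4(net);
  if (!netOctets || !(bits >= 0 && bits <= 32)) throw new Error("bad CIDR: " + cidr);
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((toUint32(octets) & mask) >>> 0) === ((toUint32(netOctets) & mask) >>> 0);
}

// Allow-list check built on each parser.
function looseAllowed(addr, cidr) {
  const o = looseParseIPv4(addr);
  return o !== null && inCidr(o, cidr);
}
function strictAllowed(addr, cidr) {
  const o = strictParseIPv4(addr);
  return o !== null && inCidr(o, cidr);
}
```

With the loose parser, "192.168.0.256" packs to the same integer as 192.168.1.0 and is admitted by an allow rule for 192.168.1.0/24; the strict parser rejects it before any range comparison happens.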

CVE-2025-20139 HIGH This Week

A vulnerability in the chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5): remotely exploitable with low attack complexity and no authentication required. No vendor patch available.

Cisco Denial Of Service Enterprise Chat And Email
NVD
CVSS 3.1 7.5 | EPSS 0.3%