Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-445m-27cf-gr3x: Crawl4AI SSRF vulnerability

Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py.

ghsa
#vulnerability#web#ssrf#auth
GHSA-22fp-mf44-f2mq: youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization

#### Description This advisory follows the security advisory [GHSA-79w7-vh3h-8g4j published by the _yt-dlp/yt-dlp_ project](https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j) to aid remediation of the issue in the _ytdl-org/youtube-dl_ project. ### Vulnerability _youtube-dl_ does not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder (and path traversal on Windows). ### Impact Since _youtube-dl_ also reads config from the working directory (and, on Windows, executables will be executed from the _youtube-dl_ directory by default) the vulnerability could allow the unwanted execution of local code, including downloads masquerading as, eg, subtitles. ### Patches The versions of _youtube-dl_ listed as _Patched_ remediate this vulnerability by disallowing path separators and whitelisting allowed extensions. As a result, some very uncommon extensions might not get downloaded. ### Workarounds Any/al...

GHSA-5423-jcjm-2gpv: Traefik affected by Go HTTP Request Smuggling Vulnerability

### Summary net/http: request smuggling through invalid chunked data: The net/http package accepts data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permit request smuggling. [CVE-2025-22871] Vendor Affected Components: Go: 1.23.x < 1.23.8 More Details: [CVE-2025-22871](https://nvd.nist.gov/vuln/detail/CVE-2025-22871) ## Patches - https://github.com/traefik/traefik/releases/tag/v2.11.24 - https://github.com/traefik/traefik/releases/tag/v3.3.6 - https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2

GHSA-3wqc-mwfx-672p: Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability

### Summary We have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22. - https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297 ### Details It seems to target oauth2/jws library. ### PoC No steps to replicate this vulnerability ### Impact We have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions. ## Patches - https://github.com/traefik/traefik/releases/tag/v2.11.24 - https://github.com/traefik/traefik/releases/tag/v3.3.6 - https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2

GHSA-vq95-6x79-qv8j: Alkacon OpenCMS stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.

GHSA-9g64-r942-fvmp: Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed. The .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether. Users are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future.

GHSA-53q9-r3pm-6pq6: PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

# Description I found a Remote Command Execution (RCE) vulnerability in the PyTorch. When load model using torch.load with weights_only=True, it can still achieve RCE. # Background knowledge https://github.com/pytorch/pytorch/security As you can see, the PyTorch official documentation considers using `torch.load()` with `weights_only=True` to be safe. ![image](https://github.com/user-attachments/assets/fdaa8520-d66a-473a-ab1f-163d793de298) Since everyone knows that weights_only=False is unsafe, so they will use the weights_only=True to mitigate the security issue. But now, I just proved that even if you use weights_only=True, it still can achieve RCE. So it is time to update your PyTorch version~. # Credit This vulnerability was found by Ji'an Zhou.

GHSA-h9w6-f932-gq62: ses's global contour bindings leak into Compartment lexical scope

### Impact Web pages and web extensions using `ses` and the `Compartment` API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `<script>` tag will have inadvertently revealed these bindings in the lexical scope of third-party code. ### Patches This compromise is addressed in `ses` version `1.12.0`. The mechanism for confining third-party code involves a `with` block and a semi-opaque scope `Proxy`. The proxy previously revealed any named property to the surrounding lexical scope if it were absent on `globalThis`, so that the third-party code would receive an informative `ReferenceError`, relying on the invalid assumption that only properties of `globalThis` are in the top-level lexical scope. The solution makes the scope proxy fully opaque. Consequently, accessing an unbound free lexical name will produce `undefined` instead of throwing `ReferenceError`. Assigning to an un...

GHSA-mg2h-6x62-wpwc: Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass

### Impact In applications that specify different validation strategies for different content types, it's possible to bypass the validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. Users using the the following pattern are affected: ```js fastify.post('/', { handler(request, reply) { reply.code(200).send(request.body) }, schema: { body: { content: { 'application/json': { schema: { type: 'object', properties: { 'foo': { type: 'string', } }, required: ['foo'] } }, } } } }) ``` User using the following pattern are **not** affected: ```js fastify.post('/', { handler(request, reply) { reply.code(200).send(request.body) }, schema: { body: { type: 'object', properties: { 'foo': { type: 'string', } }, ...

GHSA-7xq5-54jp-2mfg: Rasa Pro Missing Authentication For Voice Connector APIs

## Vulnerability A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the `credentials.yml` file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticated source. This impacts the following connectors: - `audiocodes_stream` - `genesys` - `jambonz` As part of our investigation to resolve this issue, we have also performed a security review of our other voice channel connectors: - `browser_audio`: Does not support authentication. This is a development channel not intended for production use. - `twilio_media_streams`, `twilio_voice` and `jambonz`: Authentication is currently not supported by these channels, but our investigation has found a way for us to enable it for these voice channel connectors in a future Rasa Pro release. ## Fix The issue has been resolved for `audiocodes`, `audiocodes_stream`, and `genesys` connectors. Fixed versi...