Byamb4

**Nome do Software Vulnerável e Versões Afetadas** multer versões 2.0.0-alpha.1 até 2.1.1 multer versão 3.0.0-alpha.1 **Description** Um problema de Negação de Serviço ocorre ao utilizar diskStorage. Uploads multipart abortados ou malformados deixam arquivos parciais órfãos no disco porque a chamada `Readable.pipe()` não propaga o sinal de destruição do fluxo para o `fs.WriteStream` subjacente. Isso permite que um invasor esgote o espaço em disco disparando inúmeros uploads abortados. **Recommendations** Atualizar para a versão 2.2.0 para as versões 2.0.0-alpha.1 até 2.1.1. Atualizar para a versão 3.0.0-alpha.2 para a versão 3.0.0-alpha.1.

**Name of the Vulnerable Software and Affected Versions** Handlebars versions 4.0.0 through 4.7.8 **Description** Handlebars is a templating engine that allows users to build semantic templates. Versions 4.0.0 through 4.7.8 contain a flaw in the `resolvePartial()` function within the Handlebars runtime. This function resolves partial names using a property lookup on `options.partials` without preventing prototype chain traversal. If `Object.prototype` is polluted with a string value matching a partial reference in a template, the polluted string is used as the partial body and rendered without HTML escaping, potentially leading to reflected or stored cross-site scripting (XSS). **Recommendations** Update to version 4.7.9 or later. Apply `Object.freeze(Object.prototype)` early in application startup. Use the Handlebars runtime-only build (`handlebars/runtime`).

**Name of the Vulnerable Software and Affected Versions** Picomatch versions prior to 4.0.4 Picomatch versions prior to 3.0.2 Picomatch versions prior to 2.3.2 **Description** Picomatch, a JavaScript glob matcher, contains a flaw where specially crafted POSIX bracket expressions, such as `[[:constructor:]]`, can inject inherited method names into generated regular expressions due to the `POSIX REGEX SOURCE` object inheriting from `Object.prototype`. This results in incorrect glob matching, potentially causing security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. The issue does not allow for remote code execution. The vulnerability affects users of affected `picomatch` versions processing untrusted or user-controlled glob patterns. **Recommendations** Versions prior to 4.0.4 should be upgraded to version 4.0.4 or later. Versions prior to 3.0.2 should be upgraded to version 3.0.2 or later. Versions prior to 2.3.2 should be upgraded to version 2.3.2 or later. If upgrading is not immediately possible, avoid passing untrusted glob patterns to Picomatch. Sanitize or reject untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`. Avoid using POSIX bracket expressions if user input is involved. Manually patch the library by modifying `POSIX REGEX SOURCE` to use a null prototype.

**Name of the Vulnerable Software and Affected Versions** Picomatch versions prior to 4.0.4 Picomatch versions prior to 3.0.2 Picomatch versions prior to 2.3.2 **Description** Picomatch, a glob matcher written in JavaScript, is susceptible to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Specific patterns utilizing extglob quantifiers like `+()` and `*()`, particularly when combined with overlapping alternatives or nested extglobs, can be compiled into regular expressions that exhibit catastrophic backtracking on non-matching input. Applications allowing untrusted users to supply glob patterns to `picomatch` for compilation or matching are at risk. An attacker can potentially cause excessive CPU consumption and disrupt the Node.js event loop, leading to a denial of service. Applications using only trusted, developer-controlled glob patterns are less likely to be affected. **Recommendations** Versions prior to 4.0.4: Upgrade to version 4.0.4 or later. Versions prior to 3.0.2: Upgrade to version 3.0.2 or later. Versions prior to 2.3.2: Upgrade to version 2.3.2 or later. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Disable extglob support for untrusted patterns by using `noextglob: true`. Reject or sanitize patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`. Enforce strict allowlists for accepted pattern syntax. Run matching in an isolated worker or separate process with time and resource limits. Apply application-level request throttling and input validation for any endpoint that accepts glob patterns.

**Name of the Vulnerable Software and Affected Versions** music-metadata versions prior to 11.12.3 **Description** music-metadata is a metadata parser for audio and video media files. The ASF parser within music-metadata, specifically the `parseExtensionObject()` function in `lib/asf/AsfParser.ts:112-158`, can enter an infinite loop when processing an ASF Header Extension Object containing a sub-object with `objectSize` equal to 0. This occurs because the `ignore()` function within the tokenizer accepts negative values without validation, leading to a continuous re-reading of a 24-byte header. The affected methods are `parseFile()` and `parseBuffer()`. An estimated 2.2 million weekly npm downloads are potentially impacted. A crafted 100-byte .asf file can cause applications using `parseFile()` or `parseBuffer()` to hang indefinitely. The `parseStream()` function is not affected as it uses a different `ignore()` implementation that throws a RangeError. **Recommendations** Versions prior to 11.12.3 should be updated to version 11.12.3 or later.

**Name of the Vulnerable Software and Affected Versions** file-type versions 20.0.0 through 21.3.1 **Description** file-type detects the file type of a file, stream, or data. A crafted ZIP file can trigger excessive memory growth during type detection when using the `fileTypeFromBuffer()`, `fileTypeFromBlob()`, or `fileTypeFromFile()` APIs. The ZIP inflate output limit is enforced for stream-based detection, but not for known-size inputs. This allows a small compressed ZIP file to cause file-type to inflate and process a much larger payload while probing ZIP-based formats such as OOXML. This is an availability issue, potentially causing applications to consume large amounts of memory, become slow, or crash. The issue stems from different limits being applied to ZIP detection based on whether the tokenizer had a known file size. For known-size inputs, `Number.MAX SAFE INTEGER` was used instead of a more appropriate limit, allowing a crafted ZIP to bypass the intended inflate limit. A ZIP file of approximately 255 KB can cause about 257 MB of RSS growth during `fileTypeFromBuffer()` on version 21.3.1. The affected APIs are `fileTypeFromBuffer()`, `fileTypeFromBlob()`, and `fileTypeFromFile()`. **Recommendations** file-type versions 20.0.0 through 21.3.1 should be updated to version 21.3.2 or later.

**Name of the Vulnerable Software and Affected Versions** flatted versions prior to 3.4.0 **Description** flatted is a circular JSON parser. The `parse()` function uses a recursive `revive()` phase to resolve circular references in deserialized JSON. When provided with a crafted payload containing deeply nested or self-referential `$` indices, the recursion depth becomes unbounded, leading to a stack overflow and crashing the Node.js process. This can result in a Denial of Service (DoS). The software has approximately 87 million weekly npm downloads and is used in many caching and logging libraries. The issue is triggered by passing untrusted input to the `flatted.parse()` function. A proof of concept demonstrates building a deeply nested circular reference chain to cause a stack overflow. The vulnerable component is the `parse()` function, which utilizes the `revive()` function. **Recommendations** Versions prior to 3.4.0 should be updated to version 3.4.0 or later.

**Name of the Vulnerable Software and Affected Versions** Locutus versions prior to 3.0.14 **Description** Locutus is a JavaScript library that aims to bring standard libraries from other programming languages to JavaScript for educational purposes. The `create function(args, code)` function in versions prior to 3.0.14 passes both parameters directly to the `Function` constructor without any sanitization. This allows for arbitrary code execution. The issue resides in the `src/php/funchand/create function.ts` file, specifically at line 17, where `new Function(...params, code)` is used without input validation. An attacker who can control either argument to `create function()` can achieve full remote code execution (RCE). Approximately 597,000 weekly npm downloads are potentially affected. A proof-of-concept (PoC) demonstrates the ability to execute system commands using `require("child process").execSync("id")` through the vulnerable function. This issue is distinct from CVE-2026-29091, which involved `call user func array` using `eval()` in older versions. **Recommendations** Update to Locutus version 3.0.14 or later. Remove the `create function` function. If removal is not possible, replace `new Function()` with a safe alternative.

**Name of the Vulnerable Software and Affected Versions** Pocket ID versions 2.0.0 through 2.4.0 **Description** A flaw in callback URL validation allowed crafted `redirect uri` values containing URL userinfo (`@`) to bypass legitimate callback pattern checks. If an attacker can trick a user into opening a malicious authorization link, the authorization code may be redirected to an attacker-controlled host. This issue affects an OpenID Connect (OIDC) provider, allowing users to authenticate with passkeys. **Recommendations** Update to version 2.4.0 or later. As a workaround, reject callback URLs containing userinfo (`@`) at the reverse proxy or application policy level if feasible.

**Nome do Software Vulnerável e Versões Afetadas** Versões do Plane anteriores a 1.2.3 **Descrição** A validação da URL do webhook em `plane/app/serializers/webhook.py` verifica apenas se o endereço IP é de loopback, permitindo que atacantes com a função ADMIN do workspace criem webhooks direcionados a endereços de rede privados ou internos, como `10.x.x.x`, `172.16.x.x`, `192.168.x.x` e `169.254.169.254`. Quando eventos de webhook são acionados, o servidor envia solicitações para esses endereços internos e armazena a resposta, possibilitando um Server-Side Request Forgery (SSRF) com leitura completa da resposta. Isso pode levar à exfiltração de metadados da nuvem, varredura de serviços internos e exfiltração de dados por meio dos logs de resposta. **Recomendações** Versões anteriores a 1.2.3 devem ser atualizadas para a versão 1.2.3 ou posterior.

**Nome do Software Vulnerável e Versões Afetadas** Versões do SVGO de 2.1.0 a 2.8.0 Versões do SVGO de 3.0.0 a 3.3.2 Versões do SVGO anteriores a 4.0.1 **Descrição** O SVGO é suscetível a um problema de negação de serviço decorrente do manuseio inadequado de entidades personalizadas de XML. Especificamente, o software não protege adequadamente contra a expansão ou recursão de entidades. Um arquivo XML pequeno e maliciosamente elaborado (aproximadamente 811 bytes) pode fazer com que a aplicação trave ou falhe devido ao consumo excessivo de memória, resultando em um erro de esgotamento de memória no heap do JavaScript. O problema surge porque o SVGO utiliza um analisador XML upstream que, por padrão, não interpreta entidades personalizadas de XML. O SVGO modifica o analisador para suportar entidades declaradas no DOCTYPE, mas isso introduz o risco de expansão exponencial quando as entidades referenciam umas às outras. Isso pode ser acionado ao processar entrada SVG não confiável, potencialmente impactando aplicações do lado do servidor. **Recomendações** Versões do SVGO de 2.1.0 a 2.8.0: Atualize para a versão 2.8.1 ou posterior. Versões do SVGO de 3.0.0 a 3.3.2: Atualize para a versão 3.3.3 ou posterior. Versões do SVGO anteriores a 4.0.1: Atualize para a versão 4.0.1 ou posterior.

**Nome do Software Vulnerável e Versões Afetadas** Versões do Underscore.js anteriores à 1.13.8 **Descrição** O Underscore.js, uma biblioteca de utilitários JavaScript, contém um problema nas funções ` .flatten` e ` .isEqual`. Essas funções utilizam recursão sem limite de profundidade, o que pode levar a um ataque de Negação de Serviço (DoS) por estouro de pilha. A exploração requer que um atacante forneça entradas não confiáveis que criem uma estrutura de dados recursiva, como o uso de `JSON.parse` sem limite de profundidade. Para ` .flatten`, a vulnerabilidade pode ser explorada se a estrutura de dados consistir em arrays em todos os níveis e nenhum limite de profundidade finito for fornecido como argumento. Para ` .isEqual`, a exploração requer a comparação de duas estruturas de dados distintas submetidas pelo mesmo cliente, por exemplo, dados armazenados em um banco de dados comparados a dados recém-submetidos ou analisar os mesmos dados duas vezes. As exceções resultantes do estouro de pilha não são tratadas. **Recomendações** Atualize o Underscore.js para a versão 1.13.8 ou posterior.

**Nome do Software Vulnerável e Versões Afetadas** Versões do wger anteriores a 2.4 **Descrição** O wger é um gerenciador de treinos e fitness gratuito e de código aberto. Existe uma falha em que três endpoints de ação `nutritional values` contornam querysets escopados por usuário por meio de uma chamada ORM bruta, especificamente `Model.objects.get(pk=pk)`. Isso permite que qualquer usuário autenticado acesse os dados privados do plano de nutrição de outro usuário, incluindo ingestão calórica e distribuição de macronutrientes, ao fornecer uma chave primária (`pk`) arbitrária. A falha foi corrigida no commit 29876a1954fe959e4b58ef070170e81703dab60e. **Recomendações** Atualize para uma versão posterior a 2.4.

**Nome do Software Vulnerável e Versões Afetadas** versões do wger anteriores à 2.4 **Descrição** O wger é um gerenciador de treinos e fitness gratuito e de código aberto. Versões até e incluindo a 2.4 manipulam incorretamente a recuperação de dados do usuário. Os endpoints de API `RepetitionsConfigViewSet` e `MaxRepetitionsConfigViewSet` retornam os dados de configuração de repetições de todos os usuários porque a função `get queryset()` chama `.all()` em vez de filtrar pelo usuário autenticado (`user`). Isso permite que qualquer usuário registrado enumere a estrutura de treino de todos os outros usuários. Os endpoints de API envolvidos são `RepetitionsConfigViewSet` e `MaxRepetitionsConfigViewSet`. A função vulnerável é `get queryset()`. **Recomendações** Atualize para uma versão posterior à 2.4.

**Nome do Software Vulnerável e Versões Afetadas** Versões do wger anteriores a 2.4 **Descrição** O software apresenta uma falha em que os endpoints de ação de detalhe de rotina verificam um cache antes de confirmar a propriedade do objeto usando `self.get object()`. As chaves de cache são definidas apenas pela chave primária (`pk`) e não incluem o ID do usuário. Isso permite que um atacante recupere respostas em cache para a chave primária de uma rotina sem autorização adequada, caso a vítima tenha acessado anteriormente a rotina por meio da API. Os **endpoints da API** afetados são: '/api/v2/routine/{pk}/date-sequence-display/', '/api/v2/routine/{pk}/date-sequence-gym/', '/api/v2/routine/{pk}/structure/', '/api/v2/routine/{pk}/logs/' e '/api/v2/routine/{pk}/stats/'. A variável vulnerável utilizada na construção da chave de cache é `routine id`. Um atacante pode, potencialmente, recuperar detalhes da rotina de outro usuário, incluindo sequências de dias de treino, estrutura de exercícios, logs de treinamento e estatísticas, do cache sem verificação de propriedade. O tempo de vida (TTL) do cache é de um mês. **Recomendações** Versões anteriores a 2.4: Inclua o ID do usuário na construção da chave de cache para identificar exclusivamente as respostas em cache de cada usuário. Alternativamente, mova a chamada da função `self.get object()` antes da consulta ao cache para garantir que a propriedade seja sempre verificada primeiro.

**Name of the Vulnerable Software and Affected Versions** Parse Dashboard versions 7.3.0-alpha.42 through 9.0.0-alpha.7 **Description** Parse Dashboard, a standalone dashboard for managing Parse Server apps, contains an issue where the AI Agent API endpoint (`POST /apps/:appId`) lacks proper authorization checks. Authenticated users with access to specific applications can access the agent endpoint of any other application by modifying the `appId` in the URL. Read-only users are granted the full master key instead of the read-only master key, enabling them to perform write and delete operations by including write permissions in the request body. Only dashboards with the `agent` configuration enabled are affected. **Recommendations** Update to version 9.0.0-alpha.8 or later. As a workaround, remove the `agent` configuration block from your dashboard configuration.

**Name of the Vulnerable Software and Affected Versions** Parse Dashboard versions 7.3.0-alpha.42 through 9.0.0-alpha.7 **Description** Parse Dashboard, a standalone dashboard for managing Parse Server apps, contains security issues in the AI Agent API endpoint (`/apps/:appId/agent`). Versions 7.3.0-alpha.42 through 9.0.0-alpha.7 are affected by multiple vulnerabilities that, when combined, could allow attackers without authentication to perform arbitrary read and write operations on any connected Parse Server database using the master key. The agent feature must be enabled for the dashboard to be affected. The issue stems from a lack of authentication, Cross-Site Request Forgery (CSRF) validation, and per-app authorization on the agent endpoint. A cache key collision between the master key and read-only master key also contributed to the problem. **Recommendations** Versions 7.3.0-alpha.42 through 9.0.0-alpha.7: Remove or comment out the agent configuration block from your Parse Dashboard configuration.

**Name of the Vulnerable Software and Affected Versions** Karakeep version 0.30.0 **Description** Karakeep is an elf-hostable bookmark-everything app. Version 0.30.0 does not properly sanitize HTML content received from the Reddit metascraper plugin. Specifically, when the plugin returns `readableContentHtml`, the application directly uses this content in the HTML parsing subprocess without running it through DOMPurify. This unsanitized content is then injected into the application’s Document Object Model (DOM) via React’s `dangerouslySetInnerHTML`, potentially allowing malicious HTML to be executed in a user’s browser. **Recommendations** Update to version 0.31.0 to address this issue.

**Name of the Vulnerable Software and Affected Versions** InvenTree versions prior to 1.2.3 **Description** InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server uses a customizable jinja2 template, which can be modified by a staff user to exfiltrate sensitive information or perform code execution on the server. This issue requires access by a user with staff permissions, followed by a request to generate a custom batch code via the API. Once the template has been modified maliciously, the API call to generate a new batch code could be made by other users, and the template code will be executed with their user context. The batch code template is a configurable global setting which can be adjusted by any user with staff access. The vulnerable API endpoint is used to generate a new batch code. The vulnerable parameters are those used to customize the jinja2 template. **Recommendations** For InvenTree installations prior to 1.2.3, the `STOCK BATCH CODE TEMPLATE` and `PART NAME FORMAT` global settings should be overridden at the system level to prevent editing.

**Name of the Vulnerable Software and Affected Versions** OliveTin versions up to and including 3000.10.0 **Description** OliveTin, a tool designed to simplify shell command execution, has flaws in its shell command execution mechanism. The `checkShellArgumentSafety` function does not block the `password` argument type, allowing injection of shell metacharacters and arbitrary OS command execution. Additionally, webhook-extracted JSON values bypass type safety checks entirely before being passed to `sh -c`, leading to unauthenticated remote code execution (RCE) if the instance receives webhooks from external sources. Exploiting both vectors results in unauthenticated RCE on any OliveTin instance using Shell mode with webhook-triggered actions. The vulnerability stems from inadequate input validation and safety checks within the application. The vulnerable function is `checkShellArgumentSafety`. The vulnerable parameters are the `password` argument and webhook-extracted JSON values. **Recommendations** Versions prior to 3000.10.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.