Aftersnows

**Name of the Vulnerable Software and Affected Versions** gradio versions 4.42.0 and earlier **Description** The issue is related to a hidden server-side request forgery (SSRF) vulnerability in the `gr.DownloadButton` function. This vulnerability arises because the `save url to cache` function does not restrict URLs, allowing access to local target resources. As a result, it can lead to the download of local resources and sensitive information. **Recommendations** For gradio versions 4.42.0 and earlier, as a temporary workaround, consider disabling the `gr.DownloadButton` function until a patch is available. Restrict access to the `save url to cache` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** agentscope versions 0.0.0 through 0.0.4 **Description** The issue is related to the function `is callable expression` in the file `agentscopewebworkstationworkflow utils.py`. This function contains the line `result = eval(s)`, which poses a security risk as it can directly execute user-provided commands, leading to arbitrary code execution. **Recommendations** For agentscope versions 0.0.0 through 0.0.4, consider disabling the `is callable expression` function until a patch is available to prevent the execution of user-provided commands. Restrict access to the `workflow utils.py` module to minimize the risk of exploitation. Avoid using the `eval` function with untrusted input in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** localai versions <=2.20.1 **Description** The issue is related to a Cross Site Scripting (XSS) vulnerability. When the delete model API is called with inappropriate parameters, it can cause a one-time storage XSS. This will trigger the payload when a user accesses the homepage. The vulnerability occurs in the delete model API when bad parameters are used. **Recommendations** For localai versions <=2.20.1, as a temporary workaround, consider restricting access to the delete model API until a patch is available. Avoid using inappropriate parameters in the delete model API to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gaizhenbiao/chuanhuchatgpt project, version <=20240802 **Description** The issue is related to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket message. When a victim accesses this session, the malicious JavaScript is executed in the victim's browser. **Recommendations** For version <=20240802, update to a version later than 20240802 to resolve the stored Cross-Site Scripting (XSS) issue in WebSocket session transmission. As a temporary workaround, consider restricting access to WebSocket sessions to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: D-Tale versions prior to 3.14.1 Description: D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. The issue is related to the `Custom Filter` input. Recommendations: For versions prior to 3.14.1, upgrade to version 3.14.1 where the `Custom Filter` input is turned off by default. As a temporary workaround for versions earlier than 3.14.1, consider hosting D-Tale only to trusted users.

Name of the Vulnerable Software and Affected Versions: H2O.ai H2O versions 3.46.0.4 and earlier Description: The issue allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the "ImportSQLTable" URI with a JSON document containing a `connection url` property with any typical JDBC Connection URL attack payload. Recommendations: For versions 3.46.0.4 and earlier, update to a patched version to resolve the issue. As a temporary workaround, consider restricting access to the ImportSQLTable URI to minimize the risk of exploitation. Avoid using the `connection url` property in the affected JSON documents until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** OpenAM versions 15.0.3 and prior **Description** The issue is related to the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java, which is vulnerable to template injection due to its usage of user input. This vulnerability allows an attacker to execute arbitrary code remotely. The developer intended to implement a custom URL for handling login, but did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. A fix is expected to be part of version 15.0.4, which introduces `TemplateClassResolver.SAFER RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. **Recommendations** For OpenAM versions 15.0.3 and prior, update to version 15.0.4 or later, which is expected to include the fix for this issue. As a temporary workaround, consider restricting the `CustomLoginUrlTemplate` to prevent it from being set freely. Additionally, disabling the `getCustomLoginUrlTemplate` method until a patch is available can help minimize the risk of exploitation.