Bart

**Name of the Vulnerable Software and Affected Versions** Sonarr versions prior to 4.0.16.2942 **Description** Sonarr is a PVR for Usenet and BitTorrent users. A flaw exists where authentication could be bypassed in versions with authentication disabled for local addresses (Authentication Required set to: `Disabled for Local Addresses`) if a reverse proxy was not in place or did not properly handle headers. The issue affects the `Authentication Required` setting. **Recommendations** Update to version 4.0.16.2942 or later. Ensure Sonarr's Authentication Required setting is set to `Enabled`. Run Sonarr behind a reverse proxy. Avoid exposing Sonarr directly to the internet; use a VPN or Tailscale instead.

Name of the Vulnerable Software and Affected Versions: Backuply – Backup, Restore, Migrate and Clone plugin for WordPress versions up to, and including, 1.3.4 Description: The issue is related to SQL Injection via the `options` parameter passed to the `backuply wp clone sql()` function due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows authenticated attackers with administrator-level access and above to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. Recommendations: For versions up to, and including, 1.3.4, consider disabling the `backuply wp clone sql()` function until a patch is available. Restrict access to the `options` parameter in the affected function to minimize the risk of exploitation. Avoid using the `options` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The SEO Plugin by Squirrly SEO plugin for WordPress versions up to and including 12.3.19 **Description** The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing authenticated attackers with Contributor-level access and above to inject arbitrary web scripts in pages. This can be achieved via the `url` parameter. The injected scripts will execute whenever a user accesses an injected page. **Recommendations** For versions up to and including 12.3.19, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the `url` parameter in affected pages to minimize the risk of arbitrary script injection.

**Name of the Vulnerable Software and Affected Versions** Node.js (affected versions not specified) **Description** A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. This issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Node.js (affected versions not specified) **Description** The issue is related to the Node.js HTTP/2 server, where an attacker can make the server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. This can cause a race condition when headers with HTTP/2 CONTINUATION frames are sent to the server and then a TCP connection is abruptly closed by the client, triggering the `Http2Session` destructor while header frames are still being processed. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.