Eric-F

**Name of the Vulnerable Software and Affected Versions** vercel ai versions prior to 3.0.98 **Description** A server-side request forgery (SSRF) issue exists in the `provider-utils` component. The flaw is located in the `validateDownloadUrl()` function within the `packages/provider-utils/src/download-blob.ts` file, allowing a remote attacker to manipulate requests. **Recommendations** Update to version 3.0.98 or later. As a temporary workaround, restrict access to the `validateDownloadUrl()` function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** vercel ai versions prior to 3.0.98 **Description** A resource consumption issue exists in the `provider-utils` component. The flaw is located within the `createJsonResponseHandler()` and `createJsonErrorResponseHandler()` functions in the `packages/provider-utils/src/response-handler.ts` file. This allows a remote attacker to cause excessive resource consumption. **Recommendations** Update to version 3.0.98 or later. As a temporary workaround, restrict access to the `createJsonResponseHandler()` and `createJsonErrorResponseHandler()` functions until the update is applied.

**Name of the Vulnerable Software and Affected Versions** langflow-ai langflow versions prior to 1.8.4 **Description** A flaw in the Frontend React Component Rendering, specifically within the file 'src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx', allows for remote cross site scripting. Cross site scripting is a security gap where malicious scripts are injected into trusted websites. **Recommendations** Update to a version newer than 1.8.3.

**Name of the Vulnerable Software and Affected Versions** modelscope agentscope versions prior to 1.0.19 **Description** A code injection flaw exists that allows remote attackers to execute arbitrary code. The issue is located in the `execute python code()` and `execute shell command()` functions within the 'src/AgentScope/tool/ coding/ python.py' file. **Recommendations** Update to a version later than 1.0.18. As a temporary workaround, consider disabling the `execute python code()` and `execute shell command()` functions until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** modelscope agentscope versions prior to 1.0.19 **Description** An issue exists in the Cloud Metadata Endpoint component within the file src/agentscope/tool/ multi modality/ openai tools.py. Specifically, the functions ` parse url()`, `prepare image()`, and `openai audio to text()` do not properly handle the `image url` and `audio file url` arguments. This allows a remote attacker to perform server-side request forgery, which is a technique where an attacker induces a server-side application to make requests to an unintended location. **Recommendations** Update to a version newer than 1.0.18. As a temporary workaround, restrict access to the functions ` parse url()`, `prepare image()`, and `openai audio to text()` or avoid using the `image url` and `audio file url` arguments until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** langflow-ai langflow versions prior to 1.8.4 **Description** An issue exists in the Project Creation Endpoint where manipulation of the `auth settings` argument in the `encrypt auth settings()` function within the 'src/backend/base/Langflow/api/v1/projects.py' file leads to sensitive information being stored in cleartext on a file or disk. This flaw can be exploited remotely. **Recommendations** Update to a version newer than 1.8.3. As a temporary workaround, restrict access to the `encrypt auth settings()` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** modelscope agentscope versions prior to 1.0.19 **Description** A server-side request forgery (SSRF) exists in the ` process audio block()` function within the file src/agentscope/agent/ agent base.py. This issue allows a remote attacker to perform the attack by manipulating the `url` argument. SSRF is a flaw that allows an attacker to induce the server-side application to make requests to an unintended location. **Recommendations** Update to a version newer than 1.0.18. As a temporary workaround, restrict access to the ` process audio block()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** lm-sys fastchat versions prior to 0.2.37 **Description** A flaw in the Worker API Endpoint allows remote attackers to cause resource consumption through the manipulation of the `api generate()` function. **Recommendations** Install the patch provided in commit c9e84b89c91d45191dc24466888de526fa04cf33. As a temporary workaround, restrict access to the `api generate()` function to minimize the risk of resource exhaustion.

**Name of the Vulnerable Software and Affected Versions** lm-sys fastchat versions prior to 0.2.37 **Description** Remote Code Execution is possible in the Arena Side-by-Side View Handler component via the `add text()` function. Manipulation of this function results in incorrect control flow, allowing an attack to be launched remotely. **Recommendations** Update to version 0.2.37 or later. As a temporary workaround, restrict access to the `add text()` function within the Arena Side-by-Side View Handler.

**Name of the Vulnerable Software and Affected Versions** modelscope agentscope versions prior to 1.0.19 **Description** A flaw in the Internal Service component allows for server-side request forgery, which is a condition where an attacker can induce the server to make requests to an unintended location. This issue occurs within the ` get bytes from web url()` function located in the `src/agentscope/ utils/ common.py` file and can be triggered remotely through manipulation. **Recommendations** Update to a version newer than 1.0.18. As a temporary workaround, consider restricting the use of the ` get bytes from web url()` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** langflow-ai langflow versions prior to 1.8.4 **Description** An issue exists in the Model Context Protocol Configuration API within the `get client ip`/`install mcp config` functions of the file src/backend/base/langflow/api/v1/mcp projects.py. A remote attacker can perform an injection by manipulating the `X-Forwarded-For` argument. **Recommendations** Update to version 1.8.4 or later.