K14Uz

**Name of the Vulnerable Software and Affected Versions** SandboxJS versions prior to 0.8.31 **Description** SandboxJS is a JavaScript sandboxing library with a flaw that allows sandboxed code to modify host built-in prototypes. This is achieved by removing a protection flag through array literal intermediaries, enabling direct prototype mutation from within the sandbox. This prototype pollution can lead to remote code execution in applications that utilize these polluted properties in sensitive operations, such as using `execSync(obj.cmd)`. The issue stems from the improper handling of the `isGlobal` taint flag when retrieving global prototype references from arrays. **Recommendations** Update SandboxJS to version 0.8.31 or later.

**Name of the Vulnerable Software and Affected Versions** NiceGUI versions prior to 3.7.0 **Description** NiceGUI’s FileUpload.name property does not sanitize client-supplied filename metadata, which can lead to path traversal when developers use the pattern UPLOAD DIR / file.name. Attackers can exploit this by crafting malicious filenames containing '../' sequences to write files outside the intended directories. This could result in remote code execution through application file overwrites, particularly in deployments where the application follows common community patterns. Exploitation requires application code to incorporate file.name into filesystem paths without sanitization. The `save()` method in `nicegui/elements/upload files.py` does not validate the provided path parameter, accepting relative paths with '../' sequences and absolute paths. The affected methods are `SmallFileUpload.save()` and `LargeFileUpload.save()`. The vulnerability allows attackers to write files to any location writable by the application process, overwrite Python application files for remote code execution, alter application behavior by overwriting configuration files, and potentially achieve persistent access. **Recommendations** Versions prior to 3.7.0 should be updated to version 3.7.0 or later. As a mitigation, strip directory components from the filename before saving the file, for example: `safe name = Path(e.file.name).name`. For maintainers, implement path validation to ensure that the target path does not escape the base directory.

**Name of the Vulnerable Software and Affected Versions** Dozzle versions prior to 9.0.3 **Description** A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out‑of‑scope containers on the same agent host by directly targeting their container IDs. When SIMPLE auth is enabled, Dozzle supports per‑user label filters in `users.yaml` to restrict which containers a user can interact with. These filters are not correctly enforced when resolving a container by ID for agent-backed hosts, allowing a user to bypass the intended label-based isolation between environments. Specifically, the `FindContainer` function ignores label scope, while the `ListContainers` function correctly applies the filters. An authenticated user with shell access can establish an interactive exec session into a container they should not have access to by calling the `/api/hosts/{hostId}/containers/{containerId}/exec` (or `/attach`) endpoint with a valid JWT and the target container ID. This issue allows a user who should be constrained to a specific label set to gain full interactive access to containers with other labels on the same agent host, provided they can obtain the target container ID. The `/api/hosts/{hostId}/containers/{containerId}/exec` and `/attach` are the API endpoints involved. The `userLabels` variable is used in the filtering process. **Recommendations** Update to version 9.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** Orval versions 7.19.0 and below and 8.0.0-rc.0 through 8.0.2 **Description** Orval generates type-safe JavaScript clients from OpenAPI specifications. The software allows untrusted OpenAPI specifications to inject arbitrary TypeScript/JavaScript into generated mock files through the `const` keyword on schema properties. These `const` values are interpolated into the mock scalar generator (`getMockScalar` in packages/mock/src/faker/getters/scalar.ts) without proper escaping or type-safe serialization. This results in attacker-controlled code being emitted into both interface definitions and faker/MSW handlers. The issue is similar to a previously reported issue affecting a different code path. **Recommendations** Orval versions 7.20.0 and 8.0.3 or later should be used.

**Name of the Vulnerable Software and Affected Versions** Orval versions 7.19.0 through 7.20.9 Orval versions 8.0.0 through 8.1.9 **Description** Orval, a tool that generates type-safe JavaScript clients from OpenAPI specifications, is affected by a code injection issue. The `jsStringEscape` function does not adequately sanitize input, allowing attackers to inject and execute arbitrary JavaScript code using a limited set of characters, including `[]()!+`. This is achieved through a technique known as JSFuck, which enables code execution without relying on alphanumeric characters or quotes. **Recommendations** Update to Orval version 7.21.0 or later. Update to Orval version 8.2.0 or later.

**Name of the Vulnerable Software and Affected Versions** Orval versions 7.10.0 through 8.0.2 **Description** Orval, a tool for generating type-safe JavaScript clients from OpenAPI specifications, is affected by an arbitrary code execution issue. Untrusted OpenAPI specifications can inject arbitrary TypeScript/JavaScript code into generated clients through the `x-enumDescriptions` field. This injection occurs during const enum generation within the `getEnumImplementation()` function, resulting in executable code within the generated schema files. This issue is similar to, but distinct from, a previously addressed issue. **Recommendations** Update to a version later than 8.0.2.