Lirantal

**Name of the Vulnerable Software and Affected Versions** willitmerge versions 0.2.1 and prior **Description** willitmerge is a command line tool used to check if pull requests are mergeable. A command injection issue exists because the software uses an insecure child process execution API (`exec`) and concatenates user-supplied data to it. User input, whether provided through command-line flags or controlled within the target repository, is not properly sanitized before being used in the `exec` function. This allows for potential arbitrary command execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mastra versions 0.13.8 through 0.13.20-alpha.0 **Description** Mastra, a Typescript framework for building AI agents and assistants, is susceptible to a Directory Traversal issue. The framework includes a security check intended to prevent path traversal when reading file contents, but this check is bypassed by subsequent logic used to find directory suggestions. This allows an attacker to list the contents of arbitrary directories on the user's filesystem, potentially exposing sensitive information about the file system's structure, including the user's home directory. **Recommendations** Update to version 0.13.20 or later.

**Name of the Vulnerable Software and Affected Versions** mcp-database-server (MCP Server) versions 1.1.0 and earlier **Description** The mcp-database-server (MCP Server) distributed via the npm package @executeautomation/database-server does not implement adequate security controls to enforce read-only mode. This can lead to abuse and attacks on affected database systems, such as PostgreSQL, potentially resulting in denial of service and other unexpected behaviors. This vulnerability affects only the npm distribution. **Recommendations** Update to a version of mcp-database-server later than 1.1.0.

Name of the Vulnerable Software and Affected Versions: interactive-git-checkout versions up to and including 1.1.4 Description: The `interactive-git-checkout` tool is an interactive command-line utility for checking out Git branches. Versions up to and including 1.1.4 are susceptible to a command injection issue. This occurs because the software utilizes the Node.js child process module’s `exec()` function to pass the branch name to the `git checkout` command without sufficient input validation or sanitization. Recommendations: Update to a version after 1.1.4.

Name of the Vulnerable Software and Affected Versions: @akoskm/create-mcp-server-stdio versions prior to 0.0.13 Description: The @akoskm/create-mcp-server-stdio package, a MCP server starter kit utilizing the StdioServerTransport, contains a command injection issue in versions prior to 0.0.13. The `which-app-on-port` tool relies on the Node.js `exec` function, which is susceptible to command injection when combined with untrusted user input. Recommendations: Update @akoskm/create-mcp-server-stdio to version 0.0.13 or later.

Name of the Vulnerable Software and Affected Versions: GitHub Kanban MCP Server versions 0.3.0 through 0.4.0 Description: GitHub Kanban MCP Server is a Model Context Protocol (MCP) server designed for managing GitHub issues in Kanban board format and streamlining LLM task management. The server’s `add comment` tool utilizes the Node.js `exec` function to execute the GitHub (`gh`) command, creating a command injection issue when combined with untrusted user input. Recommendations: GitHub Kanban MCP Server version 0.3.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability. GitHub Kanban MCP Server version 0.4.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: RestDB's Codehooks.io MCP Server versions prior to 0.2.2 Description: The issue is related to a command injection vulnerability in the MCP Server tools definition and implementation. This could result in a user-initiated remote command injection attack on a running MCP Server. Recommendations: For versions prior to 0.2.2, update to version 0.2.2 to resolve the issue. As a temporary workaround, consider restricting access to the MCP Server tools to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: iOS Simulator MCP Server versions prior to 1.3.3 Description: The issue concerns a command injection vulnerability in the MCP Server tool definition and implementation. The MCP Server exposes the tool `ui tap`, which relies on the Node.js child process API `exec`. This API is vulnerable if concatenated with untrusted user input. User input for `duration`, `udid`, and `x` and `y` args can be replaced with shell meta-characters to change the behavior from running the expected command to another command. When tricked through prompt injection, the full command-line text will be intercepted by the shell, resulting in other commands executing on the host running the MCP Server. Recommendations: For versions prior to 1.3.3, update to version 1.3.3, which contains a patch for the issue. As a temporary workaround, consider restricting access to the `ui tap` tool and limiting user input to prevent the use of special shell characters. Avoid using the parameters `duration`, `udid`, `x`, and `y` in the affected API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: parse-duraton versions prior to 2.1.3 Description: The issue is related to an event loop delay due to the CPU-bound operation of resolving the provided string, which can range from 0.5ms to ~50ms per operation, depending on the size of the input string, which can vary from 0.01 MB to 4.3 MB. Additionally, an out of memory issue can occur due to a string size of roughly 10 MB that utilizes unicode characters, causing a Node.js application to crash. The `parse()` function in the library is vulnerable to this issue, particularly when using the `replace()` function, which creates copies of the input in memory. Recommendations: For versions prior to 2.1.3, update to version 2.1.3, which contains a patch for this issue. As a temporary workaround, consider restricting the size of input strings to prevent excessive delays and out of memory issues. Additionally, implementing rate limits on concurrent requests can help mitigate the impact of this issue on application performance.

Name of the Vulnerable Software and Affected Versions: @nuxtjs/mdc versions prior to 0.13.3 Description: The issue arises from unsafe parsing logic of the URL from markdown, which can lead to arbitrary JavaScript code execution due to a bypass of the existing guards around the `javascript:` protocol scheme in the URL. The parsing logic implements a deny-list approach to filtering potential malicious payload by matching protocol schemes like `javascript:` and others. However, these security guards can be bypassed by an adversarial that provides JavaScript URLs with HTML entities encoded via hex string. Users who consume this library and perform markdown parsing from unvalidated sources could result in rendering vulnerable XSS anchor links. Recommendations: To resolve the issue, upgrade to version 0.13.3. As a temporary workaround, consider restricting the use of the `parseMarkdown` function from `@nuxtjs/mdc/runtime` until a patch is applied, and avoid using unvalidated sources for markdown parsing. Additionally, restrict access to the `props.ts` module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ghtml versions prior to 2.0.0 **Description** The issue allows for the introduction of user-controlled JavaScript code, potentially triggering a Cross-Site Scripting (XSS) vulnerability in certain cases. Developers should be cautious and take additional measures to sanitize user input and prevent potential vulnerabilities. The backtick character (`) is now also escaped to prevent the creation of strings in most cases where a malicious actor gains the ability to write JavaScript. However, this does not provide comprehensive protection against all types of XSS attacks. **Recommendations** For versions prior to 2.0.0, update to version 2.0.0 to address the Cross-Site Scripting vulnerabilities. Additionally, consider implementing extra sanitization measures for user input to enhance cybersecurity. As a temporary workaround, consider restricting the use of user-controlled input in template engine functionality until the issue is fully resolved.

**Name of the Vulnerable Software and Affected Versions** daloRADIUS versions 1.3 and prior **Description** daloRADIUS is an open source RADIUS web management application. It is vulnerable to a combination of cross site scripting (XSS) and cross site request forgery (CSRF) vulnerabilities, which can lead to account takeover in the mng-del.php file due to an unescaped variable reflected in the DOM on line 116. **Recommendations** For daloRADIUS versions 1.3 and prior, users are advised to manually apply the commit `ec3b4a419e` to mitigate this issue. As a temporary workaround, consider mitigating the CSRF vulnerability by making the daloRADIUS session cookie samesite=Lax or by implementing a CSRF token in all forms. Additionally, the XSS vulnerability may be mitigated by escaping it or by introducing a Content-Security policy.

**Name of the Vulnerable Software and Affected Versions** axios versions up to and including 0.18.0 **Description** The issue allows attackers to cause a denial of service by continuing to accept content after the `maxContentLength` is exceeded, potentially leading to high CPU usage. **Recommendations** For axios versions up to and including 0.18.0, upgrade to 0.18.1 or later.