Programsurf

Name of the Vulnerable Software and Affected Versions text-generation-webui versions prior to 4.3 Description text-generation-webui, an open-source web interface for running Large Language Models, contains an unauthenticated path traversal flaw in the `load preset()` function. This allows an attacker to read any .yaml file on the server filesystem. The parsed YAML key-value pairs, which may include sensitive information like passwords, API keys, and connection strings, are then returned in the API response. Recommendations Update to version 4.3 or later.

Name of the Vulnerable Software and Affected Versions text-generation-webui versions prior to 4.3 Description text-generation-webui is an open-source web interface for running Large Language Models. The superbooga and superboogav2 RAG extensions, in versions prior to 4.3, retrieve user-provided URLs using `requests.get()` without any validation. This includes a lack of scheme checking, IP filtering, or hostname allowlisting. This allows an attacker to access cloud metadata endpoints, potentially stealing IAM credentials and probing internal services. The retrieved content is then exfiltrated through the RAG pipeline. Recommendations Update to version 4.3 or later.

Name of the Vulnerable Software and Affected Versions text-generation-webui versions prior to 4.3 Description text-generation-webui is an open-source web interface for running Large Language Models. A path traversal flaw exists in the `load prompt()` function, allowing unauthenticated users to read any .txt file on the server filesystem. The content of the file is directly returned in the API response. Recommendations Update to version 4.3 or later.

Name of the Vulnerable Software and Affected Versions text-generation-webui versions prior to 4.3 Description text-generation-webui is an open-source web interface for running Large Language Models. A path traversal flaw exists in the `load template()` function that allows an unauthenticated attacker to read files with the extensions .jinja, .jinja2, .yaml, or .yml from any location on the server's filesystem. For .jinja files, the content is returned directly. For .yaml files, a parsed key is extracted. Recommendations Update to version 4.3 or later.

Name of the Vulnerable Software and Affected Versions text-generation-webui versions prior to 4.3 Description text-generation-webui, an open-source web interface for running Large Language Models, contains a path traversal flaw in the `load grammar()` function. This allows an unauthenticated attacker to read any file on the server filesystem. The issue arises because the application does not server-side validate dropdown values, enabling attackers to submit directory traversal payloads (e.g., `../../../etc/passwd`) via the API. The server then returns the full file contents in the response. Recommendations Update to version 4.3 or later.

Name of the Vulnerable Software and Affected Versions whisperX versions 0.3.1 through 0.5.0 Description The whisperX API, a tool for enhancing and analyzing audio content, has a flaw in the `FileService.download from url()` function within `app/services/file service.py`. This function uses `requests.get(url)` without proper URL validation. The file extension check is performed after the HTTP request, allowing bypass by appending '.mp3' to internal URLs. The `/speech-to-text-url` endpoint is accessible without authentication. Recommendations Update to version 0.6.0 or later.

Name of the Vulnerable Software and Affected Versions leancrypto versions prior to 1.7.1 Description The leancrypto library, a cryptographic library focused on post-quantum cryptography, has an issue in the `lc x509 extract name segment()` function. A cast from `size t` to `uint8 t` when handling the Common Name (CN) length allows an attacker to craft a malicious certificate. By padding the CN with 256 bytes, an attacker can manipulate the `cn size` variable, effectively impersonating a victim's identity in PKCS#7 verification, certificate chain matching, and code signing. Recommendations Update to version 1.7.1 or later.