Publish Advisories

GHSA-23jg-5f8m-gw8c
GHSA-5g3j-89fr-r2vp
GHSA-5v8v-xvjv-57x7
GHSA-9h9m-rr67-9jpg
GHSA-fcmh-qfxc-w685
GHSA-mmpq-5hcv-hf2v
GHSA-r758-8hxw-4845

Author: advisory-database[bot]

…-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.json …-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.jsonadvisories/unreviewed/2026/04/GHSA-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.json renamed to advisories/github-reviewed/2026/04/GHSA-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.json advisories/unreviewed/2026/04/GHSA-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.json renamed to advisories/github-reviewed/2026/04/GHSA-23jg-5f8m-gw8c/GHSA-23jg-5f8m-gw8c.json

@@ -1,11 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-23jg-5f8m-gw8c",
-  "modified": "2026-04-05T12:30:25Z",
+  "modified": "2026-04-08T00:06:47Z",
   "published": "2026-04-05T12:30:25Z",
   "aliases": [
     "CVE-2026-5559"
   ],
+  "summary": "PyBlade: SSTI/RCE via Bypassed AST Validation in sandbox.py",
   "details": "A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
   "severity": [
     {
@@ -14,10 +15,30 @@
     },
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "pyblade"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0.1.8-alpha"
+            },
+            {
+              "last_affected": "0.2.0-alpha"
+            }
+          ]
+        }
+      ]
     }
   ],
-  "affected": [],
   "references": [
     {
       "type": "ADVISORY",
@@ -32,7 +53,7 @@
       "url": "https://github.com/AntaresMugisho/PyBlade/issues/1#issue-4086730906"
     },
     {
-      "type": "WEB",
+      "type": "PACKAGE",
       "url": "https://github.com/AntaresMugisho/PyBlade"
     },
     {
@@ -52,9 +73,9 @@
     "cwe_ids": [
       "CWE-791"
     ],
-    "severity": "MODERATE",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "severity": "LOW",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:06:47Z",
     "nvd_published_at": "2026-04-05T11:16:55Z"
   }
 }

advisories/github-reviewed/2026/04/GHSA-5g3j-89fr-r2vp/GHSA-5g3j-89fr-r2vp.json

@@ -0,0 +1,66 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5g3j-89fr-r2vp",
+  "modified": "2026-04-08T00:07:36Z",
+  "published": "2026-04-08T00:07:36Z",
+  "aliases": [],
+  "summary": "skilleton has improper input handling in repository/path processing",
+  "details": "## Summary\n\n`skilleton` versions prior to `0.3.1` include security-related weaknesses in repository normalization and path handling logic.  \nVersion `0.3.1` contains fixes and additional test coverage for these issues.\n\n## Affected Versions\n\n`<0.3.1`\n\n## Patched Versions\n\n`>=0.3.1`\n\n## Impact\n\nIn affected versions, crafted input could trigger unsafe or inefficient behavior in repository/path processing code paths.  \n`0.3.1` mitigates this by:\n- replacing vulnerable parsing behavior with deterministic logic,\n- validating subpaths earlier before allocating git worktree resources,\n- adding stricter and broader regression tests around these flows.\n\n## Severity\n\nLow to Moderate (project-maintainer assessed)\n\n## Mitigation\n\nUpgrade to `0.3.1` or later.\n\n## Workarounds\n\nNo complete workaround is recommended other than upgrading.\n\n## References\n\n- Branch: [`fix/security-code-scanning-alerts`](https://github.com/Fcmam5/skilleton/pull/9)\n- Commits:\n  - [fix(security): harden git arg handling and path validation](https://github.com/Fcmam5/skilleton/pull/9/changes/42bc280ad675bfaa7b1bbc192330fb582bb28172)\n  - [fix(security): use while loop in normalizeRepoUrl instead of regex](https://github.com/Fcmam5/skilleton/pull/9/changes/6613160803ec8655efee9a270eeaa767ad22da8b)\n- Security Policy: [SECURITY.md](https://github.com/Fcmam5/skilleton/blob/master/SECURITY.md)\n\n## Credits\n\nDetected through automated code scanning and remediated by project maintainers.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "skilleton"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.3.1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/Fcmam5/skilleton/security/advisories/GHSA-5g3j-89fr-r2vp"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Fcmam5/skilleton/pull/9/changes/42bc280ad675bfaa7b1bbc192330fb582bb28172"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Fcmam5/skilleton/pull/9/changes/6613160803ec8655efee9a270eeaa767ad22da8b"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/Fcmam5/skilleton"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1333",
+      "CWE-400",
+      "CWE-78",
+      "CWE-88"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:07:36Z",
+    "nvd_published_at": null
+  }
+}

…-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.json …-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.jsonadvisories/unreviewed/2026/04/GHSA-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.json renamed to advisories/github-reviewed/2026/04/GHSA-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.json advisories/unreviewed/2026/04/GHSA-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.json renamed to advisories/github-reviewed/2026/04/GHSA-5v8v-xvjv-57x7/GHSA-5v8v-xvjv-57x7.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5v8v-xvjv-57x7",
-  "modified": "2026-04-06T09:31:42Z",
+  "modified": "2026-04-08T00:08:09Z",
   "published": "2026-04-06T09:31:42Z",
   "aliases": [
     "CVE-2026-37977"
   ],
+  "summary": "Keycloak vulnerable to information disclosure via CORS header injection due to unvalidated JWT azp claim",
   "details": "A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access (UMA) token endpoint. This flaw occurs because the `azp` claim from a client-supplied JSON Web Token (JWT) is used to set the `Access-Control-Allow-Origin` header before the JWT signature is validated. When a specially crafted JWT with an attacker-controlled `azp` value is processed, this value is reflected as the CORS origin, even if the grant is later rejected. This can lead to the exposure of low-sensitivity information from authorization server error responses, weakening origin isolation, but only when a target client is misconfigured with `webOrigins: [\"*\"]`.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "org.keycloak:keycloak-services"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "26.5.7"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -26,15 +47,19 @@
     {
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455324"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/keycloak/keycloak"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-346"
     ],
     "severity": "LOW",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:08:09Z",
     "nvd_published_at": "2026-04-06T09:16:17Z"
   }
 }

advisories/github-reviewed/2026/04/GHSA-9h9m-rr67-9jpg/GHSA-9h9m-rr67-9jpg.json

@@ -0,0 +1,61 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-9h9m-rr67-9jpg",
+  "modified": "2026-04-08T00:06:03Z",
+  "published": "2026-04-08T00:06:03Z",
+  "aliases": [
+    "CVE-2026-35613"
+  ],
+  "summary": "coursevault-preview has a path traversal due to improper base-directory boundary validation",
+  "details": "## Summary\n\n`coursevault-preview` versions prior to `0.1.1` contain a path traversal vulnerability in the `resolveSafe` utility. The boundary check used `String.prototype.startsWith(baseDir)` on a normalized path, which does not enforce a directory boundary. An attacker who controls the `relativePath` argument to affected `CoursevaultPreview` methods may be able to read files outside the configured `baseDir` when a sibling directory exists whose name shares the same string prefix.\n\n## Details\n\nThe vulnerable code in `src/utils/errors.ts`:\n\n```ts\nif (!full.startsWith(base)) {   // ← insufficient\n  throw new Error(\"Path escapes the base directory\");\n}\n```\n\nBecause the check is a raw string prefix test rather than a path-boundary test, the following bypass is possible:\n\n```\nbaseDir  = \"/srv/courses\"\npayload  = \"../courses-admin/config.json\"\nresolved = \"/srv/courses-admin/config.json\"\n\n\"/srv/courses-admin/config.json\".startsWith(\"/srv/courses\") // → true ✗\n```\n\nAny file whose absolute path begins with the `baseDir` string — including files in sibling directories that share a name prefix — passes the guard and can be accessed by the caller through affected file-access methods.\n\nThe fix replaces the check with a separator-aware comparison:\n\n```ts\nif (full !== base && !full.startsWith(base + sep)) {\n  throw new Error(\"Path escapes the base directory\");\n}\n```\n\n## Impact\n\nAn application that passes untrusted input as the `relativePath` argument to affected file-access methods may expose file contents outside the intended directory.\n\n1. Attacker control over the `relativePath` parameter.\n2. A sibling directory on the filesystem whose name shares a string prefix with `baseDir`.\n\nThere is no network exposure in the package itself; impact is limited to local file disclosure within the host process's file system permissions.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "coursevault-preview"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.1.1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/moritzmyrz/coursevault-preview/security/advisories/GHSA-9h9m-rr67-9jpg"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35613"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/moritzmyrz/coursevault-preview"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:06:03Z",
+    "nvd_published_at": "2026-04-07T17:16:35Z"
+  }
+}

advisories/github-reviewed/2026/04/GHSA-fcmh-qfxc-w685/GHSA-fcmh-qfxc-w685.json

@@ -0,0 +1,55 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fcmh-qfxc-w685",
+  "modified": "2026-04-08T00:07:53Z",
+  "published": "2026-04-08T00:07:53Z",
+  "aliases": [],
+  "summary": "kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level",
+  "details": "## Summary\n\nWhen kube-router is configured with per-node BGP peer passwords using the `kube-router.io/peer.passwords` node annotation, and verbose logging is enabled (`--v=2` or higher), the raw Kubernetes node annotation map is logged verbatim — including the base64-encoded BGP MD5 passwords. Anyone with access to kube-router's logs (via `kubectl logs`, log aggregation systems, or shared log dumps during debugging) can extract and decode the BGP peer passwords. The official troubleshooting documentation instructs users to collect logs at `-v=2` before filing issues, making accidental disclosure during support interactions a realistic scenario.\n\n## Details\n\nThe vulnerability is at `pkg/controllers/routing/network_routes_controller.go:1129`:\n\n```go\n// pkg/controllers/routing/network_routes_controller.go:1127-1133\n// If the global routing peer is configured then peer with it\n// else attempt to get peers from node specific BGP annotations.\nif len(nrc.globalPeerRouters) == 0 {\n    klog.V(2).Infof(\"Attempting to construct peer configs from annotation: %+v\", node.Annotations)\n    peerCfgs, err := bgpPeerConfigsFromAnnotations(\n```\n\n`node.Annotations` is of type `map[string]string`. This type does not implement `fmt.Stringer`, so `%+v` formatting dumps every key-value pair verbatim. When `kube-router.io/peer.passwords` is set on the node (the documented mechanism for providing per-node BGP MD5 passwords), its base64-encoded value appears in the log output.\n\nThe BGP peer password annotation is documented in `docs/user-guide.md` and has the constant:\n\n```go\n// pkg/controllers/routing/network_routes_controller.go:59\npeerPasswordAnnotation = \"kube-router.io/peer.passwords\"\n```\n\nNote that a password-safe `String()` method exists on `PeerConfig` and `PeerConfigs` in `pkg/bgp/peer_config.go` and is tested:\n\n```go\n// pkg/bgp/peer_config.go:63-79\n// Custom Stringer to prevent leaking passwords when printed\nfunc (p PeerConfig) String() string {\n    // ...password field is intentionally omitted...\n}\n```\n\nHowever, this protective method is never invoked by the vulnerable log statement, which dumps the raw annotation map before any parsing occurs. The password masking only applies after the annotation is parsed into `PeerConfig` structs.\n\nThe second log statement at line 1510 (`klog.Infof(\"Peer config from %s annotation: %+v\", peersAnnotation, peerConfigs)`) is **not vulnerable** — `peerConfigs` is of type `bgp.PeerConfigs` which implements `fmt.Stringer` and correctly masks passwords.\n\nThe vulnerable path (`bgpPeerConfigsFromIndividualAnnotations`) is triggered when the `kube-router.io/peers` consolidated YAML annotation is not set — i.e., when operators use the older individual annotation format (`kube-router.io/peer.ips`, `kube-router.io/peer.asns`, `kube-router.io/peer.passwords`). This older format remains fully supported and documented.\n\n## PoC\n\n**Setup**: Node has per-node BGP peer annotations including a password:\n```bash\nkubectl annotate node worker-1 \\\n  kube-router.io/peer.ips=192.0.2.1 \\\n  kube-router.io/peer.asns=65001 \\\n  \"kube-router.io/peer.passwords=$(echo -n 's3cr3t-bgp-p@ss' | base64)\"\n```\n\n**Trigger**: Start kube-router with verbose logging (e.g., following troubleshooting documentation):\n```bash\n# As documented in docs/troubleshoot.md for debugging:\nkube-router ... --v=2\n```\n\n**Observe**: In kube-router pod logs:\n```\nI0318 10:23:41.123456 1 network_routes_controller.go:1129] Attempting to construct peer configs from annotation:\nmap[\n  kube-router.io/peer.asns:65001\n  kube-router.io/peer.ips:192.0.2.1\n  kube-router.io/peer.passwords:czNjcjN0LWJncC1wQHNz   <-- base64-encoded password\n  ...other annotations...\n]\n```\n\n**Decode the password**:\n```bash\necho \"czNjcjN0LWJncC1wQHNz\" | base64 -d\n# Output: s3cr3t-bgp-p@ss\n```\n\n**Impact**: With the decoded password and network adjacency to the BGP peer, an attacker can establish an unauthorized BGP session, inject routes, or disrupt legitimate BGP peering.\n\n## Impact\n\n- **BGP credential disclosure**: BGP MD5 authentication passwords are exposed to anyone with access to kube-router log output\n- **BGP session hijacking**: An attacker who obtains the password and has network-level access to a BGP neighbor can impersonate the kube-router node, injecting malicious routes into the BGP table\n- **Log forwarding risk**: Log aggregation systems (Fluentd, Loki, Elastic, Splunk) typically have different and often broader access controls than Kubernetes RBAC. Passwords aggregated into these systems may be accessible to personnel without Kubernetes node access\n- **Support workflow exposure**: The official troubleshooting documentation recommends collecting `--v=2` logs before filing issues, creating a realistic path for passwords to be shared in bug reports or support tickets\n\n## Recommended Fix\n\nRemove or redact the vulnerable log statement at line 1129. The diagnostic information it provides (confirming that annotation-based peer configuration is being used) can be conveyed without exposing credential values:\n\n```go\n// Before (vulnerable):\nklog.V(2).Infof(\"Attempting to construct peer configs from annotation: %+v\", node.Annotations)\n\n// After (safe):\nklog.V(2).Infof(\"Attempting to construct peer configs from per-node annotations (kube-router.io/peer.ips, etc.)\")\n```\n\nIf full annotation content is needed for debugging (e.g., to show non-sensitive annotations), log a filtered version that explicitly excludes the password annotation:\n\n```go\n// Safe alternative that preserves non-sensitive diagnostic info:\nsafeAnnotations := make(map[string]string)\nfor k, v := range node.Annotations {\n    if k != peerPasswordAnnotation {\n        safeAnnotations[k] = v\n    }\n}\nklog.V(2).Infof(\"Attempting to construct peer configs from annotations: %+v\", safeAnnotations)\n```",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/cloudnativelabs/kube-router/v2"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2.7.0"
+            },
+            {
+              "last_affected": "2.8.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/cloudnativelabs/kube-router/security/advisories/GHSA-fcmh-qfxc-w685"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/cloudnativelabs/kube-router"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-532"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:07:53Z",
+    "nvd_published_at": null
+  }
+}