Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 93973098fe6e · 2025-11-17T17:50:54.000Z
GHSA-4m32-cjv7-f425 GHSA-5pmx-7r6r-wfqq
diff --git a/advisories/github-reviewed/2025/11/GHSA-4m32-cjv7-f425/GHSA-4m32-cjv7-f425.json b/advisories/github-reviewed/2025/11/GHSA-4m32-cjv7-f425/GHSA-4m32-cjv7-f425.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4m32-cjv7-f425",
-  "modified": "2025-11-14T21:52:23Z",
+  "modified": "2025-11-17T17:48:45Z",
   "published": "2025-11-14T21:52:23Z",
   "aliases": [
     "CVE-2025-55449"
   ],
   "summary": "AstrBot is vulnerable to RCE with hard-coded JWT signing keys",
-  "details": "### Summary\nAstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin.\n\n### Details\n\nAstrBot uses a [hard-coded JWT signing key](https://github.com/AstrBotDevs/AstrBot/blob/v3.5.16/astrbot/core/__init__.py), which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python plugin that will be imported [here](https://github.com/AstrBotDevs/AstrBot/blob/master/astrbot/dashboard/routes/plugin.py), enabling arbitrary command execution on the target host.\n\n### Impact\n\nAll publicly accessible AstrBot instances are vulnerable.\n\nFor more information, please see: [CVE-2025-55449-AstrBot-RCE](https://github.com/Marven11/CVE-2025-55449-AstrBot-RCE)",
+  "details": "### Summary\nAstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin.\n\n### Details\n\nAstrBot uses a [hard-coded JWT signing key](https://github.com/AstrBotDevs/AstrBot/blob/v3.5.16/astrbot/core/__init__.py), which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python plugin that will be imported [here](https://github.com/AstrBotDevs/AstrBot/blob/master/astrbot/dashboard/routes/plugin.py), enabling arbitrary command execution on the target host.\n\n### Impact\n\nAll publicly accessible AstrBot instances are vulnerable.\n\nFor more information, please see: [CVE-2025-55449-AstrBot-RCE](https://github.com/Marven11/CVE-2025-55449-AstrBot-RCE)\n\n### Patch\n\nThis vulnerability was first reported on **2025-06-21** and was patched on the **same day** (2025-06-21).\n\nThe vulnerability was publicly disclosed on **2025-11-14**. Prior to public disclosure, monitoring from AstrBot Cloud indicated that fewer than 2% of deployed instances were still running the affected version. Therefore, this disclosure is not expected to have a significant impact on existing active instances.",
   "severity": [
     {
       "type": "CVSS_V3",
diff --git a/advisories/github-reviewed/2025/11/GHSA-5pmx-7r6r-wfqq/GHSA-5pmx-7r6r-wfqq.json b/advisories/github-reviewed/2025/11/GHSA-5pmx-7r6r-wfqq/GHSA-5pmx-7r6r-wfqq.json
@@ -1,15 +1,15 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5pmx-7r6r-wfqq",
-  "modified": "2025-11-04T18:58:22Z",
+  "modified": "2025-11-17T17:49:18Z",
   "published": "2025-11-04T18:58:22Z",
   "aliases": [],
   "summary": "Kgateway transformation policy template can emit files from the container ",
-  "details": "## Summary\n\nThe transformation policy template feature in Kgateway versions through 2.0.4 allows users with TrafficPolicy creation permissions to craft transformations that read and expose arbitrary files from the dataplane container filesystem.\n\n## Description\n\n### Impact\n\nUsers with permissions to create a TrafficPolicy can create a transformation that returns files from within the dataplane container. While no secrets are mounted to the container by default, users who mount custom volumes to the dataplane should be aware of potential data exposure through this vulnerability.\n\nThis could allow unauthorized access to:\n- Configuration files within the container\n- Custom mounted volumes and their contents\n- Any files accessible to the dataplane container process\n\n### Patches\n\nUpgrade to version 2.0.5 or 2.1.0. These versions include an updated transformation filter in envoy-gloo that prevents file access through transformation templates.\n\n### Workarounds\n\nIf you are not using transformations, you can disallow TrafficPolicy creation or restrict transformation usage using a ValidatingAdmissionPolicy to prevent exploitation while preparing to upgrade.\n\n## References\n\n- Fix in 2.1.0: https://github.com/kgateway-dev/kgateway/pull/12528 (envoy-gloo v1.35.2-patch4)\n- Backport to 2.0.5: Included in https://github.com/kgateway-dev/kgateway/pull/12535 (envoy-gloo v1.34.6-patch3)\n- Envoy-gloo releases: https://github.com/solo-io/envoy-gloo/releases/tag/v1.35.2-patch4\n- Envoy-gloo releases: https://github.com/solo-io/envoy-gloo/releases/tag/v1.34.6-patch3\n\n\n## Credits\n\nKindly reported by @rikatz\n\n## For More Information\n\nIf you have any questions or comments about this advisory, please reach out in slack https://cloud-native.slack.com/archives/C080D3PJMS4",
+  "details": "## Summary\n\nThe transformation policy template feature in Kgateway versions through 2.0.4 allows users with TrafficPolicy creation permissions to craft transformations that read and expose arbitrary files from the dataplane container filesystem.\n\n## Description\n\n### Impact\n\nUsers with permissions to create a TrafficPolicy can create a transformation that returns files from within the dataplane container. While no secrets are mounted to the container by default, users who mount custom volumes to the dataplane should be aware of potential data exposure through this vulnerability.\n\nThis could allow unauthorized access to:\n- Configuration files within the container\n- Custom mounted volumes and their contents\n- Any files accessible to the dataplane container process\n\nNote: Updated availability score to high, as under some configurations this can prevent xDS updates.\n\n### Patches\n\nUpgrade to version 2.0.5 or 2.1.0. These versions include an updated transformation filter in envoy-gloo that prevents file access through transformation templates.\n\n### Workarounds\n\nIf you are not using transformations, you can disallow TrafficPolicy creation or restrict transformation usage using a ValidatingAdmissionPolicy to prevent exploitation while preparing to upgrade.\n\n## References\n\n- Fix in 2.1.0: https://github.com/kgateway-dev/kgateway/pull/12528 (envoy-gloo v1.35.2-patch4)\n- Backport to 2.0.5: Included in https://github.com/kgateway-dev/kgateway/pull/12535 (envoy-gloo v1.34.6-patch3)\n- Envoy-gloo releases: https://github.com/solo-io/envoy-gloo/releases/tag/v1.35.2-patch4\n- Envoy-gloo releases: https://github.com/solo-io/envoy-gloo/releases/tag/v1.34.6-patch3\n\n\n## Credits\n\nKindly reported by @rikatz\n\n## For More Information\n\nIf you have any questions or comments about this advisory, please reach out in slack https://cloud-native.slack.com/archives/C080D3PJMS4",
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"
     }
   ],
   "affected": [
@@ -82,7 +82,7 @@
     "cwe_ids": [
       "CWE-22"
     ],
-    "severity": "LOW",
+    "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2025-11-04T18:58:22Z",
     "nvd_published_at": null
