Publish Advisories

GHSA-vghf-hv5q-vc2g
GHSA-9h52-p55h-vw2f
GHSA-p6gj-jc38-x2m7
GHSA-w48q-cv73-mx4w
GHSA-w756-rf26-7rmr
GHSA-p6gj-jc38-x2m7

Author: advisory-database[bot]

…-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.json …-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.jsonadvisories/unreviewed/2025/11/GHSA-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.json renamed to advisories/github-reviewed/2025/11/GHSA-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.json advisories/unreviewed/2025/11/GHSA-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.json renamed to advisories/github-reviewed/2025/11/GHSA-vghf-hv5q-vc2g/GHSA-vghf-hv5q-vc2g.json

@@ -1,11 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vghf-hv5q-vc2g",
-  "modified": "2025-11-27T06:31:25Z",
+  "modified": "2025-12-02T16:51:42Z",
   "published": "2025-11-27T06:31:25Z",
   "aliases": [
     "CVE-2025-12758"
   ],
+  "summary": "Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements",
   "details": "Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account Unicode variation selectors (\\uFE0F, \\uFE0E) appearing in a sequence which lead to improper string length calculation. This can lead to an application using isLength for input validation accepting strings significantly longer than intended, resulting in issues like data truncation in databases, buffer overflows in other system components, or denial-of-service.",
   "severity": [
     {
@@ -17,7 +18,27 @@
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "validator"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "13.15.22"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -27,10 +48,18 @@
       "type": "WEB",
       "url": "https://github.com/validatorjs/validator.js/pull/2616"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382"
+    },
     {
       "type": "WEB",
       "url": "https://gist.github.com/koral--/ad31208b25b9e3d1e2e35f1d4d72572e"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/validatorjs/validator.js"
+    },
     {
       "type": "WEB",
       "url": "https://security.snyk.io/vuln/SNYK-JS-VALIDATOR-13653476"
@@ -41,8 +70,8 @@
       "CWE-792"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-02T16:51:42Z",
     "nvd_published_at": "2025-11-27T05:16:12Z"
   }
 }

advisories/github-reviewed/2025/12/GHSA-9h52-p55h-vw2f/GHSA-9h52-p55h-vw2f.json

@@ -0,0 +1,62 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-9h52-p55h-vw2f",
+  "modified": "2025-12-02T16:52:08Z",
+  "published": "2025-12-02T16:52:08Z",
+  "aliases": [
+    "CVE-2025-66416"
+  ],
+  "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default",
+  "details": "### Description\n\nThe Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication using `FastMCP` with streamable HTTP or SSE transport, and has not configured `TransportSecuritySettings`, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or access resources exposed by the MCP server on behalf of the user in those limited circumstances.\n\nNote that running HTTP-based MCP servers locally without authentication is not recommended per MCP security best practices. This issue does not affect servers using stdio transport.\n\nServers created via `FastMCP()` now have DNS rebinding protection enabled by default when the `host` parameter is `127.0.0.1` or `localhost`. Users are advised to update to version `1.23.0` to receive this automatic protection. Users with custom low-level server configurations using `StreamableHTTPSessionManager` or `SseServerTransport` directly should explicitly configure `TransportSecuritySettings` when running an unauthenticated server on localhost.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "mcp"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.23.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-9h52-p55h-vw2f"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/modelcontextprotocol/python-sdk/commit/d3a184119e4479ea6a63590bc41f01dc06e3fa99"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/modelcontextprotocol/python-sdk"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1188",
+      "CWE-350"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-02T16:52:08Z",
+    "nvd_published_at": null
+  }
+}

advisories/github-reviewed/2025/12/GHSA-p6gj-jc38-x2m7/GHSA-p6gj-jc38-x2m7.json

@@ -0,0 +1,137 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-p6gj-jc38-x2m7",
+  "modified": "2025-12-02T16:53:35Z",
+  "published": "2025-12-01T21:30:26Z",
+  "aliases": [
+    "CVE-2025-12756"
+  ],
+  "summary": "Mattermost fails to validate user permissions when deleting comments in Boards",
+  "details": "Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/mattermost/mattermost/server/v8"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "8.0.0-20251013062617-7977e7e6dae3"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/mattermost/mattermost"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "10.11.0"
+            },
+            {
+              "last_affected": "10.11.4"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/mattermost/mattermost"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "10.12.0"
+            },
+            {
+              "last_affected": "10.12.1"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/mattermost/mattermost"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "10.5.0"
+            },
+            {
+              "last_affected": "10.5.12"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/mattermost/mattermost"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "11.0.0"
+            },
+            {
+              "last_affected": "11.0.2"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12756"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/mattermost/mattermost"
+    },
+    {
+      "type": "WEB",
+      "url": "https://mattermost.com/security-updates"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-863"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-02T16:53:35Z",
+    "nvd_published_at": "2025-12-01T20:15:49Z"
+  }
+}

advisories/github-reviewed/2025/12/GHSA-w48q-cv73-mx4w/GHSA-w48q-cv73-mx4w.json

@@ -0,0 +1,66 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-w48q-cv73-mx4w",
+  "modified": "2025-12-02T16:51:57Z",
+  "published": "2025-12-02T16:51:57Z",
+  "aliases": [
+    "CVE-2025-66414"
+  ],
+  "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default",
+  "details": "The Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with `StreamableHTTPServerTransport` or `SSEServerTransport` and has not enabled `enableDnsRebindingProtection`, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or access resources exposed by the MCP server on behalf of the user in those limited circumstances.\n\nNote that running HTTP-based MCP servers locally without authentication is not recommended per MCP security best practices. This issue does not affect servers using stdio transport.\n\nServers created via `createMcpExpressApp()` now have this protection enabled by default when binding to localhost. Users with custom Express configurations are advised to update to version `1.24.0` and apply the exported `hostHeaderValidation()` middleware when running an unauthenticated server on localhost.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@modelcontextprotocol/sdk"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.24.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-w48q-cv73-mx4w"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/modelcontextprotocol/typescript-sdk/pull/1205"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/modelcontextprotocol/typescript-sdk/commit/608360047dc6899f1cf4f0226eb62fe7b11b3898"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/modelcontextprotocol/typescript-sdk"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1188",
+      "CWE-350"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-02T16:51:57Z",
+    "nvd_published_at": null
+  }
+}