@@ -6,12 +6,12 @@
"aliases": [
"CVE-2025-48985"
],
"summary": "Vercels AI SDK's filetype whitelists can be bypassed when uploading files",
"details": "A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade.",
"summary": "Vercel's AI SDK's filetype whitelists can be bypassed when uploading files",
"details": "### Summary\n\nA vulnerability in the Vercel AI SDK allowed users to bypass filetype whitelists when uploading files via the `generateText()` and `streamText()` functions.\n\n### Root Cause\n\nThe issue exists in `convert-to-language-model-prompt.ts`, where filtering downloaded results caused index misalignment between the `downloadedFiles` array and the `plannedDownloads` array. When a prompt contained a mix of supported and unsupported URLs, the improper URL-to-data mapping allowed bytes from an unsupported URL to be incorrectly mapped to a supported URL slot. This enabled an attacker to inject arbitrary file content while bypassing URL-based trust and content validation.\n\n### Fix\n\nThe fix maps files before filtering out empty entries, so the correct index alignment between downloads and their corresponding URLs is retained.\n\n### Affected Versions\n\nAll versions prior to 5.0.52 and 5.1.0-beta.0 through 5.1.0-beta.8 are affected. The 6.0.0-beta line (starting at 6.0.0-beta.29) was released after the fix and is not affected.\n\nFixed in 5.0.52 and 5.1.0-beta.9.",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
],
"affected": [
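Review bot: the rewritten details say the 6.0.0-beta line (from 6.0.0-beta.29) was released after the fix and is not affected, while the removed text listed 6.0.0-beta as a fixed version; the `affected` ranges that follow `"affected": [` are outside this hunk, so confirm they no longer carry a 6.0.0-beta fixed event and that they encode exactly the two ranges the text names (everything before 5.0.52, and 5.1.0-beta.0 through 5.1.0-beta.8 fixed at 5.1.0-beta.9). The vector change from AC:H to AC:L moves the CVSS 3.1 base score from 3.7 to 5.3, which is the reason the severity label changes to MODERATE later in the file; the details text should say why attack complexity is now low (a prompt mixing supported and unsupported URLs is enough to trigger the misalignment) so the rescoring is defensible. Minor: the summary's double possessive "Vercel's AI SDK's filetype whitelists" reads awkwardly; "Vercel AI SDK's filetype whitelists can be bypassed when uploading files" matches the wording used in the details.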
@@ -81,9 +81,9 @@
"CWE-20",
"CWE-682"
],
"severity": "LOW",
"severity": "MODERATE",
"github_reviewed": true,
"github_reviewed_at": "2025-11-07T17:39:01Z",
"nvd_published_at": "2025-11-07T01:15:36Z"
}
}
}
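Review bot: `severity` moving from LOW to MODERATE only holds together with the AC:L vector in the first hunk (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N scores 5.3, Medium), so the two edits must land or be reverted as a pair. The `cwe_ids` block keeps CWE-20 and CWE-682 unchanged even though the new details now pin the root cause to index misalignment between the `downloadedFiles` and `plannedDownloads` arrays after filtering; check that CWE-682 is still the intended classification for that failure mode rather than a more specific array-index weakness.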