From 0350caecfb77ee8e8596508d7230f64b05123051 Mon Sep 17 00:00:00 2001
From: Al Snow <43523+jasnow@users.noreply.github.com>
Date: Sat, 28 Mar 2026 12:45:24 -0400
Subject: [PATCH] GHSA/SYNC: 1 modified and 2 brand new advisories
---
 gems/loofah/GHSA-46fp-8f5p-pf2m.yml | 3 ++
 gems/mcp/CVE-2026-33946.yml | 53 ++++++++++++++++++++++++++
 gems/ruby-lsp/CVE-2026-34060.yml | 58 +++++++++++++++++++++++++++++
 3 files changed, 114 insertions(+)
 create mode 100644 gems/mcp/CVE-2026-33946.yml
 create mode 100644 gems/ruby-lsp/CVE-2026-34060.yml
diff --git a/gems/loofah/GHSA-46fp-8f5p-pf2m.yml b/gems/loofah/GHSA-46fp-8f5p-pf2m.yml
index 39998f1daa..ff6c8eb596 100644
--- a/gems/loofah/GHSA-46fp-8f5p-pf2m.yml
+++ b/gems/loofah/GHSA-46fp-8f5p-pf2m.yml
@@ -48,4 +48,7 @@ patched_versions:
 related:
 url:
 - https://github.com/flavorjones/loofah/security/advisories/GHSA-46fp-8f5p-pf2m
+ - https://github.com/flavorjones/loofah/releases/tag/v2.25.1
+ - https://github.com/flavorjones/loofah/commit/f4ebc9c5193dde759a57541062e490e86fc7c068
+ - https://github.com/advisories/GHSA-2j22-pr5w-6gq8
 - https://github.com/advisories/GHSA-46fp-8f5p-pf2m
diff --git a/gems/mcp/CVE-2026-33946.yml b/gems/mcp/CVE-2026-33946.yml
new file mode 100644
index 0000000000..df3c67b2ee
--- /dev/null
+++ b/gems/mcp/CVE-2026-33946.yml
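Review bot: The third added link, `https://github.com/advisories/GHSA-2j22-pr5w-6gq8`, is placed under this advisory's `related.url` list with nothing in the hunk saying whether it is a second identifier for the same loofah issue or a distinct advisory that happened to be fixed in the same v2.25.1 release. The file layout in this commit (`gems/<gem>/<advisory-id>.yml`) suggests one entry per advisory, so if it is a distinct issue a related link alone will not surface it to bundler-audit users and it presumably needs its own `gems/loofah/GHSA-2j22-pr5w-6gq8.yml` with its own `patched_versions`. If it is an alias of GHSA-46fp-8f5p-pf2m, a one-line comment above the link, e.g. `# GHSA-2j22-pr5w-6gq8 is a duplicate identifier for this advisory`, would keep the next sync from raising the same question.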
@@ -0,0 +1,53 @@
+---
+gem: mcp
+cve: 2026-33946
+ghsa: qvqr-5cv7-wh35
+url: https://github.com/modelcontextprotocol/ruby-sdk/security/advisories/GHSA-qvqr-5cv7-wh35
+title: MCP Ruby SDK - Insufficient Session Binding Allows SSE
+ Stream Hijacking via Session ID Replay
+date: 2026-03-27
+description: |
+ ### Summary
+
+ The Ruby SDK's [streamable_http_transport.rb](https://github.com/modelcontextprotocol/ruby-sdk/blob/main/lib/mcp/server/transports/streamable_http_transport.rb)
+ implementation contains a session hijacking vulnerability. An attacker
+ who obtains a valid session ID can completely hijack the victim's
+ Server-Sent Events (SSE) stream and intercept all real-time data.
+
+ ### Details
+
+ **Root Cause**
+
+ The StreamableHTTPTransport implementation stores only one SSE stream
+ object per session ID and lacks:
+
+ - Session-to-user identity binding
+ - Ownership validation when establishing SSE connections
+ - Protection against multiple simultaneous connections to the same session
+
+ ### Impact
+
+ While the absence of user binding may not pose immediate risks if
+ session IDs are not used to store sensitive data or state, the
+ fundamental purpose of session IDs is to maintain stateful connections.
+ If the SDK or its consumers utilize session IDs for sensitive operations
+ without proper user binding controls, this creates a potential security
+ vulnerability. For example: In the case of the Ruby SDK, the attacker
+ was able to hijack the stream and receive all the tool responses
+ belonging to the victim. The tool responses can be sensitive
+ confidential data.
+cvss_v3: 8.2
+patched_versions:
+ - ">= 0.9.2"
+related:
+ url:
+ - https://www.cve.org/CVERecord?id=CVE-2026-33946
+ - https://github.com/modelcontextprotocol/ruby-sdk/releases/tag/v0.9.2
+ - https://github.com/modelcontextprotocol/ruby-sdk/security/advisories/GHSA-qvqr-5cv7-wh35
+ - https://github.com/modelcontextprotocol/ruby-sdk/blob/main/examples/streamable_http_server.rb
+ - https://github.com/modelcontextprotocol/ruby-sdk/commit/db40143402d65b4fb6923cec42d2d72cb89b3874
+ - https://hackerone.com/reports/3556146
+ - https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.AspNetCore/SseHandler.cs#L93-L97
+ - https://github.com/modelcontextprotocol/go-sdk/blob/main/mcp/streamable.go#L281C1-L288C2
+ - https://github.com/modelcontextprotocol/python-sdk/blob/main/src/mcp/server/streamable_http.py#L680-L685
+ - https://github.com/advisories/GHSA-qvqr-5cv7-wh35
diff --git a/gems/ruby-lsp/CVE-2026-34060.yml b/gems/ruby-lsp/CVE-2026-34060.yml
new file mode 100644
index 0000000000..b3bc6662e4
--- /dev/null
+++ b/gems/ruby-lsp/CVE-2026-34060.yml
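Review bot: Three of the `related.url` entries (`csharp-sdk/blob/main/...SseHandler.cs#L93-L97`, `go-sdk/blob/main/mcp/streamable.go#L281C1-L288C2`, `python-sdk/blob/main/src/mcp/server/streamable_http.py#L680-L685`) and the `examples/streamable_http_server.rb` link are line-anchored or path references on a moving `main` branch, so they will stop pointing at the session-binding code they are meant to illustrate as soon as those files change. Since the entry is meant to be read long after publication, pin each to a commit, e.g. `.../go-sdk/blob/<commit-sha>/mcp/streamable.go#L281-L288` (sha to be filled in from the referenced repository); for the Ruby SDK itself the fix commit `db40143402d65b4fb6923cec42d2d72cb89b3874` already listed here is the natural anchor. The same `blob/main` link appears inside the quoted `description`, but as that text is the upstream GHSA wording it is probably better left verbatim. Only `cvss_v3` is recorded here while the ruby-lsp entry in this same commit carries v2/v3/v4 scores; if the GHSA record publishes a v4 vector for this advisory, adding `cvss_v4` would keep the two entries consistent.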
@@ -0,0 +1,58 @@
+---
+gem: ruby-lsp
+cve: 2026-34060
+ghsa: c4r5-fxqw-vh93
+url: https://github.com/Shopify/ruby-lsp/security/advisories/GHSA-c4r5-fxqw-vh93
+title: Ruby LSP has arbitrary code execution through branch setting
+date: 2026-03-27
+description: |
+
+ ## Summary
+
+ The `rubyLsp.branch` VS Code workspace setting was interpolated without
+ sanitization into a generated Gemfile, allowing arbitrary Ruby code
+ execution when a user opens a project containing a malicious
+ `.vscode/settings.json`.
+
+ Other editors that support workspace setting that get automatically
+ applied upon opening the editor and trusting the workspace are also
+ impacted since the server is the component that performs the interpolation.
+
+ ## Details
+
+ The `branch` CLI argument passed to the `ruby-lsp` server was
+ interpolated in the generated `.ruby-lsp/Gemfile` without sanitization.
+ Editors that allow defining settings saved at the workspace level
+ (e.g.: `.vscode/settings.json`) that gets automatically applied open
+ the possibility to craft a malicious repository that once opened and
+ trusted in the editor would run arbitrary code.
+
+ ## Impact
+
+ Code execution with the privileges of the user who opens the malicious
+ project. Ruby LSP assumes workspace code is trusted and so opening
+ the editor on an untrusted workspace can lead to executing potentially
+ dangerous code.
+
+ ## Remediation
+
+ The `rubyLsp.branch` setting has been removed entirely. VS Code extensions
+ auto-update by default, so most users will receive the fix without
+ action. Users who have disabled auto-updates should update to extension
+ version >= 0.10.2.
+
+ The `branch` CLI flag was also entirely removed from the `ruby-lsp`
+ gem. For users that don't add `ruby-lsp` to their Gemfiles, the
+ server should auto-update. Users with the `ruby-lsp` in the Gemfile
+ and locked to a specific version should update to >= 0.26.9.
+cvss_v2: 7.5
+cvss_v3: 9.8
+cvss_v4: 7.1
+patched_versions:
+ - ">= 0.26.9"
+related:
+ url:
+ - https://www.tenable.com/cve/CVE-2026-34060
+ - https://github.com/Shopify/ruby-lsp/security/advisories/GHSA-c4r5-fxqw-vh93
+ - https://github.com/Shopify/ruby-lsp/releases/tag/v0.26.9
+ - https://github.com/advisories/GHSA-c4r5-fxqw-vh93
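Review bot: `cvss_v3: 9.8` does not sit well next to `cvss_v4: 7.1` or next to the description, whose only path to code execution is a user opening and then trusting a workspace that ships a malicious `.vscode/settings.json`; a v3 base score of 9.8 is what a network-reachable, no-privilege, no-user-interaction vector produces, which is not the precondition described, so the v3 value is worth re-checking against the vector string on the GHSA/NVD record before this entry is published (the vector itself is not in the hunk, so this is inferred from the score alone). If the 9.8 is simply what the upstream feed reports, a comment such as `# cvss_v3 taken verbatim from the GHSA record; v4 7.1 reflects the user-interaction precondition` would record that the discrepancy was seen. Separately, `description: |` is immediately followed by an empty `+` line, so the stored description begins with a newline; the `gems/mcp/CVE-2026-33946.yml` entry in this same commit starts its block directly with `### Summary`, and dropping the blank line here keeps the two entries consistent.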