Executive Summary
Vercel has disclosed and resolved a low-severity security vulnerability within its AI SDK that could allow users to bypass filetype whitelists during file uploads. The issue stemmed from an improper URL-to-data mapping in the prompt conversion pipeline, affecting functions like `generateText()` and `streamText()`. The vulnerability has been fixed in versions 5.0.52 and 6.0.0-beta.*, and customers are encouraged to upgrade immediately.
Key Takeaways
* Product Affected: Vercel AI SDK.
* Vulnerability: An index misalignment flaw could cause bytes from an unsupported URL to be incorrectly associated with a whitelisted URL, bypassing content validation.
* Impact: Attackers could inject arbitrary content by uploading un-whitelisted file types, bypassing URL-based trust mechanisms.
* Affected Functions: `generateText()` and `streamText()` when processing image or file inputs via URLs.
* Resolution: The issue is patched in versions `5.0.52` and `6.0.0-beta.*`. The fix ensures correct file mapping is performed before filtering operations.
* Action Required: Developers using the Vercel AI SDK are advised to upgrade to the latest patched version to secure their applications.
Strategic Importance
This announcement demonstrates Vercel's commitment to security through responsible disclosure and provides developers with a clear, immediate path to remediation, reinforcing trust in its ecosystem.