crates.io package
deepseek-tui
pkg:cargo/deepseek-tui
Vulnerabilities (4)
| CVE | Severity | CVSS | KEV | Affected versions | Fixed in | Published |
|---|---|---|---|---|---|---|
| CVE-2026-45374 | Critical | — | | < 0.8.26 | 0.8.26 | May 14, 2026 |
| CVE-2026-45373 | High | — | | < 0.8.26 | 0.8.26 | May 14, 2026 |
| CVE-2026-45311 | Critical | — | | >= 0.3.0, < 0.8.23 | 0.8.23 | May 14, 2026 |
| CVE-2026-45310 | High | — | | < 0.8.22 | 0.8.22 | May 14, 2026 |

### CVE-2026-45374 (Critical; affected < 0.8.26, fixed in 0.8.26)

Summary: The `task_create` tool spawns durable sub-agents that inherit two insecure defaults:

- `allow_shell` defaults to `true` (`config.rs:1499`: `self.allow_shell.unwrap_or(true)`)
- `auto_approve` defaults to `true` (`task_manager.rs:297`: `auto_approve: Some(true)`)

Wh

### CVE-2026-45373 (High; affected < 0.8.26, fixed in 0.8.26)

Summary: Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when the IPv6 address is given in the URL as a literal (`http://[::1]`), the SSRF defenses do not work.

Details: https://github.com/Hmbown/DeepSeek-TUI/blob/15f62e3e93d842f30b428877819ebc1c8cb96814/c

### CVE-2026-45311 (Critical; affected >= 0.3.0, < 0.8.23, fixed in 0.8.23)

Summary: The `run_tests` tool executes `cargo test` in the workspace with `ApprovalRequirement::Auto`, meaning it runs without any user approval prompt. The source code explicitly states this design choice: `fn approval_requirement(&self) -> ApprovalRequirement {`

### CVE-2026-45310 (High; affected < 0.8.22, fixed in 0.8.22)

Summary: The `fetch_url` tool validates the initial URL's resolved IP address against a restricted-IP blocklist (`is_restricted_ip()`) to prevent SSRF attacks against internal services (cloud metadata endpoints, localhost, private networks). However, the HTTP client (`reqwest`
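The two SSRF entries above (CVE-2026-45373, the `[::1]` literal bypass, and CVE-2026-45310, where only the first URL's resolved address is checked) share one lesson: the guard has to run on the address actually being connected to, whether it arrives as a hostname, as an IP literal of either family, or as a later redirect hop. The following is an added example, written for this page and not code from the DeepSeek-TUI project. `host_from_url`, `url_allowed`, `url_allowed_naive`, `redirect_chain_allowed` and `fake_resolve` are hypothetical names; `url_allowed_naive` models one plausible shape of the literal bypass (IPv6 literal handed to a resolver that returns nothing, empty result passes), not necessarily the project's actual code; the resolver is a constructed table so the code runs offline; and `redirect_chain_allowed` assumes the truncated CVE-2026-45310 text concerns redirect following. Only `std` is used. The mapped-address and fail-closed handling go beyond the specific `[::1]` case on the page.

```rust
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};

/// Addresses an SSRF guard must refuse, for either family. An IPv4-mapped
/// IPv6 address (`::ffff:a.b.c.d`) is judged by its inner IPv4 address, so
/// `[::ffff:169.254.169.254]` cannot stand in for the metadata endpoint.
pub fn is_restricted_ip(ip: IpAddr) -> bool {
    match ip {
        IpAddr::V4(v4) => is_restricted_v4(v4),
        IpAddr::V6(v6) => {
            if let Some(inner) = v6.to_ipv4_mapped() {
                return is_restricted_v4(inner);
            }
            let first = v6.segments()[0];
            v6.is_loopback()                  // ::1
                || v6.is_unspecified()        // ::
                || (first & 0xfe00) == 0xfc00 // fc00::/7 unique-local
                || (first & 0xffc0) == 0xfe80 // fe80::/10 link-local
        }
    }
}

fn is_restricted_v4(v4: Ipv4Addr) -> bool {
    v4.is_loopback()          // 127.0.0.0/8
        || v4.is_private()    // 10/8, 172.16/12, 192.168/16
        || v4.is_link_local() // 169.254/16, including 169.254.169.254
        || v4.is_unspecified()
        || v4.is_broadcast()
        || v4.octets()[0] == 0 // 0.0.0.0/8
}

/// Host component of an http(s) URL. A bracketed IPv6 literal such as
/// `http://[::1]:8080/` comes back without brackets; userinfo and port are
/// dropped. Other schemes or an empty host yield None.
pub fn host_from_url(url: &str) -> Option<String> {
    let rest = url.strip_prefix("http://").or_else(|| url.strip_prefix("https://"))?;
    let authority = rest.split(|c| c == '/' || c == '?' || c == '#').next()?;
    let hostport = authority.rsplit('@').next()?;
    if let Some(after_bracket) = hostport.strip_prefix('[') {
        let end = after_bracket.find(']')?;
        return Some(after_bracket[..end].to_string());
    }
    let host = hostport.split(':').next()?;
    if host.is_empty() { None } else { Some(host.to_string()) }
}

type Resolver<'a> = &'a dyn Fn(&str) -> Vec<IpAddr>;

/// Constructed shape of the bypass (not the project's code): only IPv4
/// literals are judged directly; everything else goes to the resolver, and
/// an empty answer passes because `all` over an empty list is true.
pub fn url_allowed_naive(url: &str, resolve: Resolver) -> bool {
    let Some(host) = host_from_url(url) else { return false };
    if let Ok(v4) = host.parse::<Ipv4Addr>() {
        return !is_restricted_v4(v4);
    }
    resolve(&host).iter().all(|ip| !is_restricted_ip(*ip))
}

/// Hardened guard: literals of either family are checked without resolving,
/// and a hostname that resolves to nothing fails closed.
pub fn url_allowed(url: &str, resolve: Resolver) -> bool {
    let Some(host) = host_from_url(url) else { return false };
    if let Ok(ip) = host.parse::<IpAddr>() {
        return !is_restricted_ip(ip);
    }
    let ips = resolve(&host);
    !ips.is_empty() && ips.iter().all(|ip| !is_restricted_ip(*ip))
}

/// Every hop the client is about to follow must pass the same guard;
/// checking only the first URL lets a redirect land on a restricted host.
pub fn redirect_chain_allowed(hops: &[&str], resolve: Resolver) -> bool {
    hops.iter().all(|u| url_allowed(u, resolve))
}

/// Constructed stand-in for DNS so the example runs offline.
pub fn fake_resolve(host: &str) -> Vec<IpAddr> {
    match host {
        "example.com" => vec![IpAddr::V4(Ipv4Addr::new(203, 0, 113, 10))],
        "internal.corp" => vec![IpAddr::V6(Ipv6Addr::LOCALHOST)],
        _ => Vec::new(),
    }
}

fn main() {
    let r: Resolver = &fake_resolve;
    for u in [
        "http://example.com/",
        "http://internal.corp/",
        "http://[::1]:8080/",
        "http://[::ffff:169.254.169.254]/latest/meta-data/",
    ] {
        println!("{u:52} naive={:<5} hardened={}", url_allowed_naive(u, r), url_allowed(u, r));
    }
}
```

The hostname case (`internal.corp` resolving to `::1`) is blocked by both versions, which matches the advisory's statement that resolved hostnames were checked; the bracketed `[::1]` and the IPv4-mapped metadata literal slip past the naive version and are refused by the hardened one. A real client would also have to disable automatic redirect following and call `url_allowed` on each `Location` before issuing the next request, and to pin the connection to the address that was checked rather than resolving again at connect time.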