Security vulnerabilities in the Common Lisp ecosystem
| ID | Project | Severity | CVSS | Title | Status | Published |
|---|---|---|---|---|---|---|
| CL-SEC-2026-0211 | cl-sanitize-html | MEDIUM | 4.1 | Backslash protocol-relative URL bypass in cl-sanitize-html allows resource loading from arbitrary domains | Fixed | 2026-06-22 |
| CL-SEC-2026-0208 | ag-gRPC | HIGH | 7.5 | Unbounded request buffering in HTTP/2 server (no max-receive-message-size) | Fixed | 2026-06-21 |
| CL-SEC-2026-0209 | ag-gRPC | HIGH | 7.5 | HTTP/2 SETTINGS_MAX_FRAME_SIZE not enforced on inbound frames | Fixed | 2026-06-21 |
| CL-SEC-2026-0206 | pure-tls | LOW | 5.3 | Out-of-bounds read parsing attacker-supplied ECHConfig causes uncaught error (remote DoS) in pure-tls | Fixed | 2026-06-21 |
| CL-SEC-2026-0207 | pure-tls | LOW | 4.2 | ExtendedKeyUsage not enforced during certificate chain verification in pure-tls | Fixed | 2026-06-21 |
| CL-SEC-2026-0210 | ag-gRPC | LOW | 3.7 | gRPC client crash on malformed percent-encoded grpc-message trailer | Fixed | 2026-06-21 |
| CL-SEC-2026-0203 | ag-proto | HIGH | 7.5 | Unbounded recursion in protobuf nested message deserialization | Fixed | 2026-04-20 |
| CL-SEC-2026-0204 | ag-grpc | HIGH | 7.5 | No decompressed size limit in gRPC message decompression (gzip bomb) | Fixed | 2026-04-20 |
| CL-SEC-2026-0201 | pure-tls | HIGH | 7.4 | Certificate chain trust anchor verified by issuer name only, not signature, in pure-tls | Fixed | 2026-04-18 |
| CL-SEC-2026-0202 | pure-tls | HIGH | 5.9 | Constant-time comparison returns equal for inputs differing by a multiple of 256 bytes in length | Fixed | 2026-04-18 |
| CL-SEC-2026-0054 | fast-http | HIGH | 7.5 | Unbounded chunk size hex parsing enables memory and CPU exhaustion | Fixed | 2026-04-07 |
| CL-SEC-2026-0004 | dexador | HIGH | 7.4 | Authentication credentials forwarded on cross-origin HTTP redirect | Fixed | 2026-04-07 |
| CL-SEC-2026-0051 | fast-http | HIGH | 7.4 | HTTP request smuggling via duplicate Content-Length headers (last wins) | Fixed | 2026-04-07 |
| CL-SEC-2026-0052 | fast-http | HIGH | 7.4 | HTTP request smuggling via Transfer-Encoding / Content-Length conflict not rejected | Fixed | 2026-04-07 |
| CL-SEC-2026-0045 | cl-cookie | MEDIUM | 6.5 | No domain validation at cookie storage time enables cookie jar poisoning | Fixed | 2026-04-07 |
| CL-SEC-2026-0053 | fast-http | MEDIUM | 5.9 | Transfer-Encoding obfuscation via trailing whitespace enables TE-TE request smuggling | Fixed | 2026-04-07 |
| CL-SEC-2026-0197 | ag-proto | HIGH | 7.5 | Unbounded memory allocation in protobuf length-delimited field decoding | Fixed | 2026-04-03 |
| CL-SEC-2026-0130 | cl-sanitize-html | CRITICAL | 9.3 | Missing SVG/MathML foreign content handling enables XSS in cl-sanitize-html | Fixed | 2026-03-31 |
| CL-SEC-2026-0019 | lack | HIGH | 8.1 | Session fixation via client-supplied session ID reuse | Fixed | 2026-03-31 |
| CL-SEC-2026-0020 | lack | HIGH | 8.1 | Unsafe deserialization in session stores escalates data injection to code execution | Fixed | 2026-03-31 |
| CL-SEC-2026-0118 | cl-chat | HIGH | 8.0 | Stored cross-site scripting via unsanitized WebSocket messages in cl-chat | Fixed | 2026-03-31 |
| CL-SEC-2026-0001 | cl-completions | HIGH | 7.5 | Gemini API key transmitted as URL query parameter | Fixed | 2026-03-31 |
| CL-SEC-2026-0116 | cl-chat | HIGH | 7.5 | Gemini API key leaked in URL query parameter in cl-chat | Fixed | 2026-03-31 |
| CL-SEC-2026-0124 | cl-nats | HIGH | 7.5 | Unbounded memory allocation from malicious server MSG byte counts in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0160 | puri | HIGH | 7.5 | Denial of service via read-from-string on URI port number | Fixed | 2026-03-31 |
| CL-SEC-2026-0003 | ag-gRPC | HIGH | 7.4 | TLS certificate verification disabled by default in gRPC client | Fixed | 2026-03-31 |
| CL-SEC-2026-0139 | cl-x509 | HIGH | 7.4 | No minimum RSA key size enforcement in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0135 | cl-selfupdate | HIGH | 7.0 | Predictable temporary directory enables symlink and race attacks in cl-selfupdate | Fixed | 2026-03-31 |
| CL-SEC-2026-0112 | pure-tls | MEDIUM | 6.8 | Missing TLS 1.3 downgrade sentinel check in pure-tls client handshake | Fixed | 2026-03-31 |
| CL-SEC-2026-0120 | cl-chat | MEDIUM | 6.8 | Session cookie exposed in client-side JavaScript in cl-chat | Fixed | 2026-03-31 |
| CL-SEC-2026-0123 | cl-nats | MEDIUM | 6.8 | NATS protocol injection via unsanitized subject and reply-to fields in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0147 | ocicl | MEDIUM | 6.8 | No client-side verification of downloaded package integrity in ocicl | Open | 2026-03-31 |
| CL-SEC-2026-0134 | cl-selfupdate | MEDIUM | 6.6 | Checksum validation optional and silently skipped in cl-selfupdate | Fixed | 2026-03-31 |
| CL-SEC-2026-0136 | cl-selfupdate | MEDIUM | 6.6 | No TLS certificate verification enforcement in cl-selfupdate | Fixed | 2026-03-31 |
| CL-SEC-2026-0137 | cl-selfupdate | MEDIUM | 6.5 | Archive path traversal in tar and zip extraction in cl-selfupdate | Fixed | 2026-03-31 |
| CL-SEC-2026-0131 | cl-sanitize-html | MEDIUM | 6.1 | CSS comment bypass in style attribute sanitization in cl-sanitize-html | Fixed | 2026-03-31 |
| CL-SEC-2026-0133 | cl-sanitize-html | MEDIUM | 6.1 | Incomplete dangerous tag list allows content promotion from dangerous contexts in cl-sanitize-html | Fixed | 2026-03-31 |
| CL-SEC-2026-0121 | cl-nats | MEDIUM | 5.9 | Credentials sent in cleartext over non-TLS connections in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0002 | cl-completions | MEDIUM | 5.5 | Full request URI including credentials leaked in error messages | Fixed | 2026-03-31 |
| CL-SEC-2026-0140 | cl-x509 | MEDIUM | 5.3 | No validation of certificate validity period in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0145 | cl-x509 | MEDIUM | 5.3 | KeyUsage unused-bits calculation incorrect for multi-byte bit strings in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0113 | pure-tls | MEDIUM | 4.8 | Missing ServerHello legacy_session_id_echo validation in pure-tls | Fixed | 2026-03-31 |
| CL-SEC-2026-0129 | cl-sanitize-html | MEDIUM | 4.7 | Double-encoded entity reversal enables XSS via output corruption in cl-sanitize-html | Fixed | 2026-03-31 |
| CL-SEC-2026-0132 | cl-sanitize-html | MEDIUM | 4.1 | Protocol-relative URL bypass in cl-sanitize-html allows resource loading from arbitrary domains | Fixed | 2026-03-31 |
| CL-SEC-2026-0114 | pure-tls | LOW | 3.7 | Non-cryptographic PRNG used for ticket age obfuscation in pure-tls | Fixed | 2026-03-31 |
| CL-SEC-2026-0119 | cl-chat | LOW | 3.7 | WebSocket and HTTP servers lack TLS encryption in cl-chat | Fixed | 2026-03-31 |
| CL-SEC-2026-0122 | cl-nats | LOW | 3.7 | No TLS certificate verification configuration in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0138 | cl-selfupdate | LOW | 3.7 | No protection against version downgrade attacks in cl-selfupdate | Fixed | 2026-03-31 |
| CL-SEC-2026-0141 | cl-x509 | LOW | 3.7 | No CN/subject field validation allows null-byte injection in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0142 | cl-x509 | LOW | 3.7 | SAN DNS names not validated allowing wildcard and null-byte injection in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0126 | cl-nats | LOW | 3.1 | Credential leakage in error messages and conditions in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0128 | cl-nats | LOW | 3.1 | Header injection via CRLF in serialized NATS headers in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0127 | cl-nats | LOW | 2.6 | Server-supplied connect_urls enable SSRF with credential forwarding in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0115 | pure-tls | LOW | 2.5 | Secret key material not zeroized after use in pure-tls | Fixed | 2026-03-31 |
| CL-SEC-2026-0125 | cl-nats | LOW | 2.5 | Credentials stored in plaintext in connection struct in cl-nats | Fixed | 2026-03-31 |
| CL-SEC-2026-0143 | cl-x509 | LOW | 2.5 | Private key material not zeroized in memory in cl-x509 | Fixed | 2026-03-31 |
| CL-SEC-2026-0117 | cl-chat | INFORMATIONAL | 0.0 | API keys leaked via error messages and debug logging in cl-chat | Withdrawn | 2026-03-31 |
| CL-SEC-2026-0144 | cl-x509 | INFORMATIONAL | 0.0 | No BasicConstraints enforcement for signing keys in cl-x509 | Withdrawn | 2026-03-31 |
| CL-SEC-2026-0146 | ocicl | INFORMATIONAL | 0.0 | Shell command injection via unsanitized file paths in ocicl setup.lisp | Withdrawn | 2026-03-31 |
| CL-SEC-2026-0148 | ocicl | INFORMATIONAL | 0.0 | Untrusted search path via parent directory traversal for ocicl.csv | Withdrawn | 2026-03-31 |
| CL-SEC-2026-0179 | trivia | INFORMATIONAL | 0.0 | trivia read pattern calls READ-FROM-STRING without binding *READ-EVAL* to NIL | Withdrawn | 2026-03-31 |