Sign In

CVE-2025-48985

ADVISORY - github

Summary

A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade.

EPSS Score: 0.00077 (0.229)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20

Improper Input Validation

ADVISORY - github

CWE-20

Improper Input Validation

CWE-682

Incorrect Calculation

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in