AIKIDO-2026-10995
@ai-sdk/provider-utils is vulnerable to Denial of Service (DoS)
50
Medium Risk
This Affects:
@ai-sdk/provider-utilsTL;DR
The downloadBlob helper in @ai-sdk/provider-utils reads response bodies via unbounded arrayBuffer() and blob() calls with no size cap. An attacker who can influence a URL passed into the helper can point at a host that streams arbitrarily large bytes and force the host process to crash. The default behavior applies no Content-Length check and no streaming limit. The fix introduces a readResponseWithSizeLimit helper that enforces a 2 GiB default cap, rejects responses whose advertised Content-Length exceeds the limit, and aborts streaming reads once received bytes pass the cap.
Who does this affect?
You are affected if you are using a version that falls within the vulnerable range.
Background info
@ai-sdk/provider-utils is vulnerable to Denial of Service (DoS) in versions 0.0.1 - 4.0.14.
How to fix this
Upgrade the @ai-sdk/provider-utils library to the patch version.
Are You Affected?
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
SOC 2Compliant
ISO 27001Compliant