added ghsa, fixed word break

Yaniv-git · Yaniv-git · commit 4d7c2649bf33 · 2023-11-01T21:19:17.000+01:00
diff --git a/source/_posts/Hostname spoofing in urijs.md b/source/_posts/Hostname spoofing in urijs.md
@@ -10,6 +10,8 @@ advisory: true
 origin: https://advisory.checkmarx.net/advisory/CX-2021-4305/
 cves:
 	- "CVE-2021-27516"
+ghsas:
+  - "GHSA-p6j9-7xhc-rhwp"
 ---
 ## Summary
 Affected versions of urijs fails to validate the hostname correctly when using backslash in the protocol e.g. `http:\/`.
diff --git a/source/_posts/Open redirect in Jupyter server.md b/source/_posts/Open redirect in Jupyter server.md
@@ -8,6 +8,8 @@ advisory: true
 origin: https://advisory.checkmarx.net/advisory/CX-2020-4291/
 cves:
 	- "CVE-2020-26275"
+ghsas:
+	- "GHSA-9f66-54xg-pc2c"
 ---
 ## Summary
 The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Affected versions of Jupyter Server are vulnerable to open redirect vulnerability. All jupyter servers running without a base_url prefix are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts.
diff --git a/source/about/index.md b/source/about/index.md
@@ -6,7 +6,7 @@ comments: false
 ---
 # Who am I?
 
-Starting my way as a Software Engineer, I transitioned into the realm of Cyber-Security during my service in the IDF's 8200 unit, where I gained experience in both offensive and defensive cybersecurity tactics. Since entering the industry as a Security Researcher, my primary area of expertise now centers on conducting hands-on research related to cod, where I had the privilege of sharing my findings with the broader cybersecurity community.
+Starting my way as a Software Engineer, I transitioned into the realm of cyber security during my service in the IDF’s 8200 unit, where I gained experience in both offensive and defensive cybersecurity tactics. Since entering the industry as a Security Researcher, my primary area of expertise now centers on conducting hands-on research related to code, where I had the privilege of sharing my findings with the broader cybersecurity community.
 
 # Socials
 * [Twitter (x)](https://twitter.com/YNizry)
diff --git a/themes/aircloud/layout/advisories.ejs b/themes/aircloud/layout/advisories.ejs
@@ -26,12 +26,16 @@ layout: layout
             </p>
         </div>
         <div class="post-cve">
-            <% if (post?.cves?.length > 0){ %>
-            <span>/</span>
-            <% post.cves.forEach(function(cve){ %>
-            <a class="tag" href="https://nvd.nist.gov/vuln/detail/<%= cve %>" title="<%= cve %>"><%= cve %></a>
-            <span>/</span>
-            <% }) %>
+            <% if (post?.cves?.length || post?.ghsas?.length){ %>
+                <span>/</span>
+                <% post?.cves?.forEach(function(cve){ %>
+                <a href="https://nvd.nist.gov/vuln/detail/<%= cve %>" title="<%= cve %>"><%= cve %></a>
+                    <span>/</span>
+                <% }) %>
+                <% post?.ghsas?.forEach(function(ghsa){ %>
+                    <a href="https://github.com/advisories/<%= ghsa %>" title="<%= ghsa %>"><%= ghsa %></a>
+                    <span>/</span>
+                <% }) %>
             <% } %>
         </div> 
     </div>
diff --git a/themes/aircloud/layout/post.ejs b/themes/aircloud/layout/post.ejs
@@ -18,14 +18,20 @@
         <% } %>
         
 
-        <% if (page?.cves?.length){ %>
-        <span class="attr">/
-        <% page.cves.forEach(function(cve){ %>
-        <a href="https://nvd.nist.gov/vuln/detail/<%= cve %>" title="<%= cve %>"><%= cve %></a>
-        <span>/</span>
-        <% }) %>
-        </span>
+        <% if (page?.cves?.length || page?.ghsas?.length){ %>
+            <span class="attr">/
+            <% page?.cves?.forEach(function(cve){ %>
+                <a href="https://nvd.nist.gov/vuln/detail/<%= cve %>" title="<%= cve %>"><%= cve %></a>
+                    <span>/</span>
+            <% }) %>
+            <% page?.ghsas?.forEach(function(ghsa){ %>
+                <a href="https://github.com/advisories/<%= ghsa %>" title="<%= ghsa %>"><%= ghsa %></a>
+                <span>/</span>
+                <% }) %>
+            </span>
         <% } %>
+
+
         
         <!--<span class="attr"><%= __('post.visit') %>：<span id="busuanzi_value_page_pv"></span>-->
     </span>
diff --git a/themes/aircloud/source/css/aircloud.css b/themes/aircloud/source/css/aircloud.css
@@ -707,6 +707,7 @@ div.post-cve>a {
   background-color: rgba(51, 112, 255, 0.1);
 }
 .post-content {
+  word-break: break-word;
   line-height: 20px;
   font-size: 15px;
   text-indent: 2em;

Original file line number	Diff line number	Diff line change
`@@ -707,6 +707,7 @@ div.post-cve>a {`
`707`	`707`	`background-color: rgba(51, 112, 255, 0.1);`
`708`	`708`	`}`
`709`	`709`	`.post-content {`
	`710`	`+ word-break: break-word;`
`710`	`711`	`line-height: 20px;`
`711`	`712`	`font-size: 15px;`
`712`	`713`	`text-indent: 2em;`