File tree Expand file tree Collapse file tree 2 files changed +50
-0
lines changed Expand file tree Collapse file tree 2 files changed +50
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ gem : httparty
3+ ghsa : 5pq7-52mg-hr42
4+ url : https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42
5+ title : httparty has multipart/form-data request tampering vulnerability
6+ date : 2023-01-03
7+ description : |
8+ "multipart/form-data request tampering vulnerability"
9+ caused by Content-Disposition "filename" lack of escaping in httparty.
10+
11+ `httparty/lib/httparty/request` > `body.rb` > `def generate_multipart`
12+
13+ https://github.com/jnunemaker/httparty/blob/4416141d37fd71bdba4f37589ec265f55aa446ce/lib/httparty/request/body.rb#L43
14+
15+ By exploiting this problem, the following attacks are possible
16+
17+ * An attack that rewrites the \"name\" field according to the crafted file
18+ name, impersonating (overwriting) another field.
19+ * Attacks that rewrite the filename extension at the time multipart/form-data
20+ is generated by tampering with the filename.
21+ cvss_v3 : 6.5
22+ patched_versions :
23+ - " >= 0.21.0"
24+ related :
25+ url :
26+ - https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42
27+ - https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e
28+ - https://github.com/jnunemaker/httparty/blob/4416141d37fd71bdba4f37589ec265f55aa446ce/lib/httparty/request/body.rb#L43
29+ - https://bugzilla.mozilla.org/show_bug.cgi?id=1556711
Original file line number Diff line number Diff line change 1+ ---
2+ gem : keynote
3+ cve : 2017-20159
4+ ghsa : 399p-vq28-5hg8
5+ url : https://github.com/rf-/keynote/commit/05be4356b0a6ca7de48da926a9b997beb5ffeb4a
6+ title : keynote Cross-site Scripting vulnerability
7+ date : 2022-12-31
8+ description : |
9+ A vulnerability was found in rf Keynote up to 0.x. It has been rated
10+ as problematic. Affected by this issue is some unknown functionality of the file
11+ lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site
12+ scripting. The attack may be launched remotely. Upgrading to version 1.0.0 can address
13+ this issue. The name of the patch is 05be4356b0a6ca7de48da926a9b997beb5ffeb4a. It
14+ is recommended to upgrade the affected component. VDB-217142 is the identifier assigned
15+ to this vulnerability.
16+ patched_versions :
17+ - " >= 1.0.0"
18+ related :
19+ url :
20+ - https://github.com/rf-/keynote/releases/tag/v1.0.0
21+ - https://vuldb.com/?id.217142
You can’t perform that action at this time.
0 commit comments