Sync with GitHub Security Advisories

reedloden · reedloden · commit c7d8ed054f3c · 2023-01-24T10:56:02.000-05:00
* Add publify_core/CVE-2022-1812 * Add missing CVSSv3 scores to various other entries
diff --git a/gems/chartkick/CVE-2019-18841.yml b/gems/chartkick/CVE-2019-18841.yml
@@ -8,7 +8,8 @@ date: 2019-11-09
 description: |
   A specially crafted response in data loaded via URL
   can cause prototype pollution in JavaScript.
+cvss_v3: 7.3
 unaffected_versions:
-- < 3.1.0
+- "< 3.1.0"
 patched_versions:
-- '>= 3.3.0'
+- ">= 3.3.0"
diff --git a/gems/paperclip/CVE-2017-0889.yml b/gems/paperclip/CVE-2017-0889.yml
@@ -16,8 +16,9 @@ description: |
   against Server Side Request Forgery (SSRF) exploits by default. This may allow
   a remote attacker to access information about internal network resources.
 cvss_v2: 7.5
+cvss_v3: 9.8
 patched_versions:
-- '>= 5.2.0'
+- ">= 5.2.0"
 related:
   url:
   - https://nvd.nist.gov/vuln/detail/CVE-2017-0889
diff --git a/gems/publify_core/CVE-2022-1812.yml b/gems/publify_core/CVE-2022-1812.yml
@@ -0,0 +1,16 @@
+---
+gem: publify_core
+cve: 2022-1812
+ghsa: rc42-jghf-vr8f
+url: https://github.com/publify/publify/commit/29a5837c29620e33857d7a5afce01384e3f8e41a
+title: Integer overflow in publify_core
+date: 2023-01-14
+description: |
+  Integer Overflow or Wraparound in GitHub repository publify/publify prior
+  to 9.2.10 due to an unlimited length user name field.
+cvss_v3: 9.8
+patched_versions:
+- ">= 9.2.10"
+related:
+  url:
+  - https://huntr.dev/bounties/17d86a50-265c-4ec8-9592-0bd909ddc8f3
diff --git a/gems/publify_core/CVE-2023-0299.yml b/gems/publify_core/CVE-2023-0299.yml
@@ -8,6 +8,7 @@ date: 2023-01-14
 description: |
   Improper Input Validation in GitHub repository publify/publify prior
   to 9.2.10.
+cvss_v3: 9.8
 patched_versions:
 - ">= 9.2.10"
 related:
diff --git a/gems/qiita-markdown/CVE-2021-28796.yml b/gems/qiita-markdown/CVE-2021-28796.yml
@@ -6,5 +6,6 @@ url: https://github.com/advisories/GHSA-f2c9-5jqw-3xh3
 title: Cross-Site Scripting in Qiita::Markdown
 date: 2021-08-02
 description: Increments Qiita::Markdown before 0.33.0 allows XSS in transformers.
+cvss_v3: 6.1
 patched_versions:
-- '>= 0.33.0'
+- ">= 0.33.0"
diff --git a/gems/safemode/CVE-2017-7540.yml b/gems/safemode/CVE-2017-7540.yml
@@ -10,8 +10,9 @@ description: |
   to bypassing safe mode limitations via special Ruby syntax. This can
   lead to deletion of objects for which the user does not have delete
   permissions or possibly to privilege escalation.
+cvss_v3: 9.8
 patched_versions:
-- '>= 1.3.3'
+- ">= 1.3.3"
 related:
   url:
   - https://github.com/svenfuchs/safemode/pull/23
