Sync with GitHub Security Advisories
* Add asciidoctor/CVE-2018-18385 camaleon_cms/CVE-2018-18260 camaleon_cms/CVE-2021-25969 camaleon_cms/CVE-2021-25970 camaleon_cms/CVE-2021-25971 camaleon_cms/CVE-2021-25972 ccsv/CVE-2017-15364 commonmarker/GHSA-636f-xm5j-pj9m fluentd/CVE-2017-10906 git/CVE-2022-47318 gitaly/CVE-2020-13353 hammer_cli_foreman/CVE-2017-2667 katello/CVE-2016-3072 katello/CVE-2017-2662 katello/CVE-2018-14623 katello/CVE-2018-16887 mixlib-archive/CVE-2017-1000026 omniauth-weibo-oauth2/CVE-2019-17268 papercrop/CVE-2015-2784 publify_core/CVE-2023-0569 sanitize/CVE-2023-23627 smalruby-editor/CVE-2017-2096 smalruby/CVE-2017-2096 smashing/CVE-2021-35440 xapian-core/CVE-2018-0499
* Add missing metadata to following: administrate/CVE-2016-3098 clockwork_web/CVE-2023-25015 curupira/CVE-2015-10053 devise/CVE-2015-8314 jquery-ui-rails/CVE-2016-7103 xaviershay-dm-rails/CVE-2015-2179
Showing 31 changed files with 506 additions and 12 deletions.
@@ -1,12 +1,14 @@ | ||
--- | ||
gem: administrate | ||
cve: 2016-3098 | ||
ghsa: cc8c-26rj-v2vx | ||
url: http://seclists.org/oss-sec/2016/q2/0 | ||
title: Cross-site request forgery (CSRF) vulnerability in administrate gem | ||
date: 2016-04-01 | ||
url: http://seclists.org/oss-sec/2016/q2/0 | ||
description: >- | ||
`Administrate::ApplicationController` actions didn't have CSRF | ||
protection. Remote attackers can hijack user's sessions and use any | ||
functionality that administrate exposes on their behalf. | ||
description: | | ||
"`Administrate::ApplicationController` actions didn't have CSRF protection. | ||
Remote attackers can hijack user's sessions and use any functionality that administrate | ||
exposes on their behalf." | ||
cvss_v3: 5.4 | ||
patched_versions: | ||
- '>= 0.1.5' | ||
- ">= 0.1.5" |
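Review bot: the rewritten description wraps the text in literal double quotes inside a `|` block scalar (from the line `"`Administrate::ApplicationController` actions didn't have CSRF protection.` through `exposes on their behalf."`), so the quote characters become part of the stored description rather than acting as YAML quoting. Drop the leading and trailing `"` so the block carries the same text as the `>-` version it replaces.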
@@ -0,0 +1,17 @@ | ||
--- | ||
gem: asciidoctor | ||
cve: 2018-18385 | ||
ghsa: qc9p-mjxm-j2wj | ||
url: https://github.com/asciidoctor/asciidoctor/issues/2888 | ||
title: Asciidoctor Infinite Loop vulnerability | ||
date: 2022-05-13 | ||
description: | | ||
Asciidoctor in versions < 1.5.8 allows remote attackers to cause a denial | ||
of service (infinite loop). The loop was caused by the fact that `Parser.next_block` | ||
was not exhausting all the lines in the reader as the while loop expected it would. | ||
This was happening because the regular expression that detects any list was not | ||
agreeing with the regular expression that detects a specific list type. So the line | ||
kept getting pushed back onto the reader, hence causing the loop. | ||
cvss_v3: 7.5 | ||
patched_versions: | ||
- ">= 1.5.8" |
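Review bot: `date: 2022-05-13` for a 2018 CVE looks like the GitHub advisory publication date rather than the original disclosure date; confirm which date this repository's `date` field is meant to carry before syncing it straight from the advisory feed. The version data itself is consistent (the description says `< 1.5.8`, `patched_versions` says `>= 1.5.8`).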
@@ -0,0 +1,14 @@ | ||
--- | ||
gem: camaleon_cms | ||
cve: 2018-18260 | ||
ghsa: 7f84-9cqf-g4j9 | ||
url: http://packetstormsecurity.com/files/149772/CAMALEON-CMS-2.4-Cross-Site-Scripting.html | ||
title: Camaleon CMS vulnerable to Stored Cross-site Scripting | ||
date: 2022-05-13 | ||
description: | | ||
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The | ||
profile image in the User settings section can be run in the update / upload area | ||
via `/admin/media/upload?actions=false`. | ||
cvss_v3: 6.1 | ||
unaffected_versions: | ||
- "< 2.4" |
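Review bot: this entry has `unaffected_versions: "< 2.4"` but no `patched_versions`, so every release from 2.4 onward is flagged as vulnerable with no fix on record. If a later Camaleon CMS release fixed the stored XSS, add the `patched_versions` range; if the bug is still unfixed, say so in a comment so the missing key is not mistaken for an omission.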
@@ -0,0 +1,20 @@ | ||
--- | ||
gem: camaleon_cms | ||
cve: 2021-25969 | ||
ghsa: x78v-4fvj-rg9j | ||
url: https://github.com/owen2345/camaleon-cms/commit/05506e9087bb05282c0bae6ccfe0283d0332ab3c | ||
title: Camaleon CMS Stored Cross-site Scripting vulnerability | ||
date: 2022-05-24 | ||
description: | | ||
In “Camaleon CMS” application, versions 0.0.1 through 2.6.0 are vulnerable | ||
to stored XSS, that allows unprivileged application users to store malicious scripts | ||
in the comments section of the post. These scripts are executed in a victim’s browser | ||
when they open the page containing the malicious comment. | ||
cvss_v3: 6.1 | ||
unaffected_versions: | ||
- "< 0.0.1" | ||
patched_versions: | ||
- ">= 2.6.0.1" | ||
related: | ||
url: | ||
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25969 |
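Review bot: `unaffected_versions: - "< 0.0.1"` matches no published version, since the description itself says the affected range starts at 0.0.1; it can be dropped, and `patched_versions: >= 2.6.0.1` alone describes the fix.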
@@ -0,0 +1,20 @@ | ||
--- | ||
gem: camaleon_cms | ||
cve: 2021-25970 | ||
ghsa: 438x-2p9v-g8h9 | ||
url: https://github.com/owen2345/camaleon-cms/commit/77e31bc6cdde7c951fba104aebcd5ebb3f02b030 | ||
title: Camaleon CMS Insufficient Session Expiration vulnerability | ||
date: 2022-05-24 | ||
description: | | ||
Camaleon CMS 0.1.7 through 2.6.0 doesn’t terminate the active session | ||
of the users, even after the admin changes the user’s password. A user that was | ||
already logged in, will still have access to the application even after the password | ||
was changed. | ||
cvss_v3: 8.8 | ||
unaffected_versions: | ||
- "< 0.1.7" | ||
patched_versions: | ||
- ">= 2.6.0.1" | ||
related: | ||
url: | ||
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25970 |
@@ -0,0 +1,19 @@ | ||
--- | ||
gem: camaleon_cms | ||
cve: 2021-25971 | ||
ghsa: r2w2-h6r8-3r53 | ||
url: https://github.com/owen2345/camaleon-cms/commit/ab89584ab32b98a0af3d711e3f508a1d048147d2 | ||
title: Camaleon CMS vulnerable to Uncaught Exception | ||
date: 2022-05-24 | ||
description: | | ||
In Camaleon CMS, versions 2.0.1 through 2.6.0 are vulnerable to an Uncaught | ||
Exception. The app's media upload feature crashes permanently when an attacker with | ||
a low privileged access uploads a specially crafted .svg file. | ||
cvss_v3: 4.3 | ||
unaffected_versions: | ||
- "< 2.0.1" | ||
patched_versions: | ||
- ">= 2.6.0.1" | ||
related: | ||
url: | ||
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25971 |
@@ -0,0 +1,21 @@ | ||
--- | ||
gem: camaleon_cms | ||
cve: 2021-25972 | ||
ghsa: vx6p-q4gj-x6xx | ||
url: https://github.com/owen2345/camaleon-cms/commit/5a252d537411fdd0127714d66c1d76069dc7e190 | ||
title: Camaleon CMS vulnerable to Server-Side Request Forgery | ||
date: 2022-05-24 | ||
description: | | ||
In Camaleon CMS, versions 2.1.2.0 through 2.6.0, are vulnerable to Server-Side | ||
Request Forgery (SSRF) in the media upload feature, which allows admin users to | ||
fetch media files from external URLs but fails to validate URLs referencing to localhost | ||
or other internal servers. This allows attackers to read files stored in the internal | ||
server. | ||
cvss_v3: 4.9 | ||
unaffected_versions: | ||
- "< 2.1.2.0" | ||
patched_versions: | ||
- ">= 2.6.0.1" | ||
related: | ||
url: | ||
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25972 |
@@ -0,0 +1,12 @@ | ||
--- | ||
gem: ccsv | ||
cve: 2017-15364 | ||
ghsa: 5gxp-c379-pj42 | ||
url: https://github.com/evan/ccsv/issues/15 | ||
title: ccsv Double Free vulnerability | ||
date: 2022-05-17 | ||
description: | | ||
The foreach function in `ext/ccsv.c` in Ccsv 1.1.0 allows remote attackers | ||
to cause a denial of service (double free and application crash) or possibly have | ||
unspecified other impact via a crafted file. | ||
cvss_v3: 5.5 |
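Review bot: the entry carries neither `patched_versions` nor `unaffected_versions`, so every ccsv release is flagged, while the description only names 1.1.0. If no fixed release exists (the linked issue #15 should say), leave it as is; otherwise add the patched range so consumers stop warning on fixed versions.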
@@ -0,0 +1,38 @@ | ||
--- | ||
gem: commonmarker | ||
ghsa: 636f-xm5j-pj9m | ||
url: https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-636f-xm5j-pj9m | ||
title: Several quadratic complexity bugs may lead to denial of service in Commonmarker | ||
date: 2023-01-24 | ||
description: |- | ||
## Impact | ||
Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) | ||
library may lead to unbounded resource exhaustion and subsequent denial of service. | ||
The following vulnerabilities were addressed: | ||
* [CVE-2023-22483](https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c) | ||
* [CVE-2023-22484](https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r) | ||
* [CVE-2023-22485](https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr) | ||
* [CVE-2023-22486](https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p) | ||
For more information, consult the release notes for version | ||
[`0.23.0.gfm.7`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.7). | ||
## Mitigation | ||
Users are advised to upgrade to commonmarker version [`0.23.7`](https://rubygems.org/gems/commonmarker/versions/0.23.7). | ||
patched_versions: | ||
- ">= 0.23.7" | ||
related: | ||
cve: | ||
- 2023-22483 | ||
- 2023-22484 | ||
- 2023-22485 | ||
- 2023-22486 | ||
ghsa: | ||
- 29g3-96g3-jg6c | ||
- 24f7-9frr-5h2r | ||
- c944-cv5f-hpvr | ||
- r572-jvj2-3m8p |
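Review bot: the release-notes link text says `0.23.0.gfm.7` but the URL points at tag `0.29.0.gfm.7`; the two should agree. This entry is also the only new one in the commit without a `cvss_v3` field; if the upstream advisory carries a score, sync it for consistency.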
@@ -0,0 +1,21 @@ | ||
--- | ||
gem: fluentd | ||
cve: 2017-10906 | ||
ghsa: 5jrp-w8fr-mrww | ||
url: https://github.com/fluent/fluentd/pull/1733 | ||
title: Fluentd Escape Sequence Injection Vulnerability | ||
date: 2022-05-13 | ||
description: | | ||
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through | ||
0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands | ||
on the device via unspecified vectors. | ||
cvss_v3: 9.8 | ||
unaffected_versions: | ||
- "< 0.12.29" | ||
patched_versions: | ||
- ">= 0.12.41" | ||
related: | ||
url: | ||
- https://access.redhat.com/errata/RHSA-2018:2225 | ||
- https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes | ||
- https://jvn.jp/en/vu/JVNVU95124098/index.html |
@@ -0,0 +1,18 @@ | ||
--- | ||
gem: git | ||
cve: 2022-47318 | ||
ghsa: pphf-gfrm-v32r | ||
url: https://github.com/ruby-git/ruby-git/pull/602 | ||
title: Code injection in ruby git | ||
date: 2023-01-17 | ||
description: | | ||
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker | ||
to execute an arbitrary ruby code by having a user to load a repository containing | ||
a specially crafted filename to the product. This vulnerability is different from | ||
CVE-2022-46648. | ||
cvss_v3: 8.0 | ||
patched_versions: | ||
- ">= 1.13.0" | ||
related: | ||
url: | ||
- https://jvn.jp/en/jp/JVN16765254/index.html |
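Review bot: the description explicitly distinguishes this issue from CVE-2022-46648, but that CVE is not listed under `related:`; adding `related: cve: - 2022-46648` would let tooling link the two ruby-git advisories.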
@@ -0,0 +1,21 @@ | ||
--- | ||
gem: gitaly | ||
cve: 2020-13353 | ||
ghsa: mmmm-chjf-jmvw | ||
url: https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13353.json | ||
title: Gitaly Insufficient Session Expiration vulnerability | ||
date: 2022-05-24 | ||
description: | | ||
When importing repos via URL, one time use git credentials were persisted | ||
beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are: | ||
>=1.79.0, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2. | ||
cvss_v3: 3.2 | ||
unaffected_versions: | ||
- "< 1.79.0" | ||
patched_versions: | ||
- "~> 13.3.9" | ||
- "~> 13.4.5" | ||
- ">= 13.5.2" | ||
related: | ||
url: | ||
- https://gitlab.com/gitlab-org/gitaly/-/issues/2882 |
@@ -0,0 +1,20 @@ | ||
--- | ||
gem: hammer_cli_foreman | ||
cve: 2017-2667 | ||
ghsa: 77h8-xr85-3x5q | ||
url: https://access.redhat.com/errata/RHSA-2018:0336 | ||
title: hammer_cli_foreman Improper Certificate Validation vulnerability | ||
date: 2022-05-13 | ||
description: | | ||
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not | ||
explicitly set the verify_ssl flag for apipie-bindings that disable it by default. | ||
As a result the server certificates are not checked and connections are prone to | ||
man-in-the-middle attacks. | ||
cvss_v3: 8.1 | ||
patched_versions: | ||
- ">= 0.10.0" | ||
related: | ||
url: | ||
- https://bugzilla.redhat.com/show_bug.cgi?id=1436262 | ||
- http://projects.theforeman.org/issues/19033 | ||
- http://www.securityfocus.com/bid/97153 |
@@ -0,0 +1,20 @@ | ||
--- | ||
gem: katello | ||
cve: 2016-3072 | ||
ghsa: 527r-mfmj-prqf | ||
url: https://github.com/Katello/katello/pull/6051 | ||
title: Katello SQL Injection vulnerabilities | ||
date: 2022-05-14 | ||
description: | | ||
Multiple SQL injection vulnerabilities in the scoped_search function | ||
in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated | ||
users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter. | ||
cvss_v3: 8.8 | ||
patched_versions: | ||
- ">= 2.4.3" | ||
related: | ||
url: | ||
- https://access.redhat.com/errata/RHSA-2016:1083 | ||
- https://bugzilla.redhat.com/show_bug.cgi?id=1322050 | ||
- https://github.com/Katello/katello/commit/5645ed4365980a34e30a9c57fe0793dff729e8e4 | ||
- https://access.redhat.com/security/cve/CVE-2016-3072 |
@@ -0,0 +1,20 @@ | ||
--- | ||
gem: katello | ||
cve: 2017-2662 | ||
ghsa: cpv6-pfq6-j2v7 | ||
url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2662 | ||
title: katello Improper Privilege Management vulnerability | ||
date: 2022-05-13 | ||
description: | | ||
A flaw was found in Foreman's katello plugin version 3.4.5. After setting | ||
a new role to allow restricted access on a repository with a filter (filter set | ||
on the Product Name), the filter is not respected when the actions are done via | ||
hammer using the repository id. | ||
cvss_v3: 4.3 | ||
patched_versions: | ||
- ">= 3.17.0.rc1" | ||
related: | ||
url: | ||
- https://projects.theforeman.org/issues/18838 | ||
- https://github.com/Katello/katello/pull/8772 | ||
- https://github.com/Katello/katello/commit/853260e3e9f94179d5881199e7885d1c08e600f6 |
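Review bot: the description says the flaw was found in katello 3.4.5, while `patched_versions` lists `>= 3.17.0.rc1`, a release candidate many versions later; check the linked PR #8772 and commit to confirm that is really the first fixed version, and prefer the final release over the `.rc1` tag if one shipped with the fix.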
@@ -0,0 +1,18 @@ | ||
--- | ||
gem: katello | ||
cve: 2018-14623 | ||
ghsa: jx5v-788g-qw58 | ||
url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14623 | ||
title: katello SQL Injection vulnerability | ||
date: 2022-05-13 | ||
description: | | ||
A SQL injection flaw was found in katello's errata-related API. An authenticated | ||
remote attacker can craft input data to force a malformed SQL query to the backend | ||
database, which will leak internal IDs. This is issue is related to an incomplete | ||
fix for CVE-2016-3072. Version 3.10 and older is vulnerable. | ||
cvss_v3: 4.3 | ||
related: | ||
url: | ||
- https://web.archive.org/web/20200227100255/http://www.securityfocus.com/bid/106224 | ||
ghsa: | ||
- 527r-mfmj-prqf |
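Review bot: the description states that version 3.10 and older is vulnerable, but the entry has no `patched_versions` or `unaffected_versions`, so it will flag every katello release including fixed ones. Add the fixed range once it is confirmed; the `related.ghsa` entry 527r-mfmj-prqf (CVE-2016-3072, which this is described as an incomplete fix for) is the natural place to start.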