6 matches found
EUVD-2022-5520
Malicious code in bioql PyPI...
CVE-2022-2815
CVE-2022-2815 affects publify/publify versions prior to 9.2.10 due to insecure storage of sensitive information in the GitHub repository. The provided sources describe the root cause as insecure storage, implying potential disclosure of sensitive data. Remediation: upgrade to version 9.2.10 or la...
CVE-2022-1811
CVE-2022-1811 applies to publify/publify prior to 9.2.9. The vulnerability is an unrestricted upload of a file with a dangerous type due to insufficient validation of uploaded files in the application, enabling potential remote code execution. Affected software: Publify (GitHub repo publify/publi...
CVE-2022-1810 Authorization Bypass Through User-Controlled Key in publify/publify
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...
CVE-2022-0524
CVE-2022-0524 concerns business logic errors in Publify (Typo) prior to version 9.2.7. Multiple sources confirm the issue affects the Publify repository and Rubygems packaging, with remediation to update to 9.2.7 or later. The available documents describe the vulnerability class as business logic...
CVE-2022-0524 Business Logic Errors in publify/publify
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...