pkg:RubyGems/publify_core

所有已知漏洞

• CRITICAL9.8CVE-2022-1812Integer overflow in publify_core
  from 0, < 9.2.10
• CRITICAL9.8CVE-2023-0299Publify Improper Input Validation vulnerability
  from 0, < 9.2.10
• CRITICAL9.1CVE-2022-1811Publify vulnerable to cross site scripting
  from 0, < 9.2.9
• HIGH7.5CVE-2014-3211Publify vulnerable to DoS attack
  from 0, < 8.0.1
• HIGH7.5CVE-2022-0524Publify Business Logic Errors
  from 0, < 9.2.7
• MEDIUM6.5CVE-2023-0569Publify contains Weak Password Requirements
  from 0, < 9.2.10
• MEDIUM6.5CVE-2022-2815Publify Core does not strip metadata from images
  from 0, < 9.2.10
• MEDIUM6.5CVE-2022-0574Publify Incorrect Authorization
  from 0, < 9.2.8
• MEDIUM6.5CVE-2022-0578Publify vulnerable to code injection
  from 0, < 9.2.8
• MEDIUM6.5CVE-2021-25973Publify `guest` role users can self-register even when the admin does not allow it
  >= 9.0.0.pre1, < 9.2.5
• MEDIUM5.4CVE-2021-25974Cross site scripting in publify
  >= 8.0, < 9.2.5
• MEDIUM5.4CVE-2021-25975Cross site scripting in publify
  >= 8.0, < 9.2.5
• MEDIUM4.9CVE-2022-1553Publify exposes article metadata
  from 0, < 9.2.8
• MEDIUM4.3CVE-2022-1810Publify has Improper Access Controls
  from 0, < 9.2.9
• —CVE-2024-39311Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction
  from 0, < 10.0.2