Integer overflow in publify_core
Published: January 14, 2023
SECURITY IDENTIFIERS
- CVE: CVE-2022-1812 (NVD)
- GHSA: GHSA-rc42-jghf-vr8f
- Vendor Advisory: https://github.com/publify/publify/commit/29a5837c29620e33857d7a5afce01384e3f8e41a
GEM
SEVERITY
CVSS v3.x: 9.8 (Critical)
PATCHED VERSIONS
>= 9.2.10
DESCRIPTION
Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10 due to an unlimited length user name field.