RubySec

Providing security resources for the Ruby community

CVE-2022-2815 (publify_core): Publify Core does not strip metadata from images

ADVISORIES

GEM

publify_core

SEVERITY

CVSS v3.x: 6.5 (Medium)

PATCHED VERSIONS

  • >= 9.2.10

DESCRIPTION

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.

RELATED

Contact us @rubysec or open an issue on our GitHub repository.

Recent Advisories