Improper handling of double quotes in file name in Diffy in Windows environment
Published: June 24, 2022
SECURITY IDENTIFIERS
- CVE: CVE-2022-33127 (NVD)
- GHSA: GHSA-5ww9-9qp2-x524
- Vendor Advisory: https://github.com/samg/diffy/commit/478f392082b66d38f54a02b4bb9c41be32fd6593
GEM
SEVERITY
CVSS v3.x: 9.8 (Critical)
PATCHED VERSIONS
>= 3.4.1
DESCRIPTION
The function that calls the diff tool in versions of Diffy prior to 3.4.1 does not properly handle double quotes in a filename when run in a Windows environment. This allows attackers to execute arbitrary commands via a crafted string.