pkg:RubyGems/publify_core

All known vulnerabilities

• CRITICAL9.8CVE-2022-1812Integer overflow in publify_core
  from 0, < 9.2.10
• CRITICAL9.8CVE-2023-0299Publify Improper Input Validation vulnerability
  from 0, < 9.2.10
• CRITICAL9.1CVE-2022-1811Publify vulnerable to cross site scripting
  from 0, < 9.2.9
• HIGH7.5Publify vulnerable to DoS attack
  from 0, < 8.0.1
• HIGH7.5Publify Business Logic Errors
  from 0, < 9.2.7
• MEDIUM6.5Publify contains Weak Password Requirements
  from 0, < 9.2.10
• MEDIUM6.5Publify Core does not strip metadata from images
  from 0, < 9.2.10
• MEDIUM6.5Publify Incorrect Authorization
  from 0, < 9.2.8
• MEDIUM6.5Publify vulnerable to code injection
  from 0, < 9.2.8
• MEDIUM6.5Publify `guest` role users can self-register even when the admin does not allow it
  >= 9.0.0.pre1, < 9.2.5
• MEDIUM5.4Cross site scripting in publify
  >= 8.0, < 9.2.5
• MEDIUM5.4Cross site scripting in publify
  >= 8.0, < 9.2.5
• MEDIUM4.9Publify exposes article metadata
  from 0, < 9.2.8
• MEDIUM4.3Publify has Improper Access Controls
  from 0, < 9.2.9
• —Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction
  from 0, < 10.0.2