Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01d3c5LTlxcDIteDUyNM4AAs80
Improper handling of double quotes in file name in Diffy in Windows environment
The function that calls the diff tool in versions of Diffy prior to 3.4.1 does not properly handle double quotes in a filename when run in a Windows environment. This allows attackers to execute arbitrary commands via a crafted string.
Permalink: https://github.com/advisories/GHSA-5ww9-9qp2-x524JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01d3c5LTlxcDIteDUyNM4AAs80
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 2 years ago
Updated: almost 2 years ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Percentage: 0.00178
EPSS Percentile: 0.55124
Identifiers: GHSA-5ww9-9qp2-x524, CVE-2022-33127
References:
- https://nvd.nist.gov/vuln/detail/CVE-2022-33127
- https://github.com/samg/diffy/commit/478f392082b66d38f54a02b4bb9c41be32fd6593
- https://github.com/samg/diffy/blob/56fd935aea256742f7352b050592542d3d153bf6/CHANGELOG#L1
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/diffy/CVE-2022-33127.yml
- https://github.com/advisories/GHSA-5ww9-9qp2-x524
Blast Radius: 37.2
Affected Packages
rubygems:diffy
Dependent packages: 211Dependent repositories: 6,198
Downloads: 72,762,832 total
Affected Version Ranges: < 3.4.1
Fixed in: 3.4.1
All affected versions: 1.1.0, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.1.0, 3.2.0, 3.2.1, 3.3.0, 3.4.0
All unaffected versions: 3.4.1, 3.4.2, 3.4.3