Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01d3c5LTlxcDIteDUyNM4AAs80
Improper handling of double quotes in file name in Diffy in Windows environment
The function that calls the diff tool in versions of Diffy prior to 3.4.1 does not properly handle double quotes in a filename when run in a Windows environment. This allows attackers to execute arbitrary commands via a crafted string.
Permalink: https://github.com/advisories/GHSA-5ww9-9qp2-x524JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01d3c5LTlxcDIteDUyNM4AAs80
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 2 years ago
Updated: about 1 year ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-5ww9-9qp2-x524, CVE-2022-33127
References:
- https://nvd.nist.gov/vuln/detail/CVE-2022-33127
- https://github.com/samg/diffy/commit/478f392082b66d38f54a02b4bb9c41be32fd6593
- https://github.com/samg/diffy/blob/56fd935aea256742f7352b050592542d3d153bf6/CHANGELOG#L1
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/diffy/CVE-2022-33127.yml
- https://github.com/advisories/GHSA-5ww9-9qp2-x524
Blast Radius: 37.2
Affected Packages
rubygems:diffy
Dependent packages: 209Dependent repositories: 6,198
Downloads: 59,315,553 total
Affected Version Ranges: < 3.4.1
Fixed in: 3.4.1
All affected versions: 1.1.0, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.1.0, 3.2.0, 3.2.1, 3.3.0, 3.4.0
All unaffected versions: 3.4.1, 3.4.2