Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xbTItY2dwci1wNG02
Unintended read access in kramdown gem
The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.
Permalink: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xbTItY2dwci1wNG02
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 4 years ago
Updated: over 1 year ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Percentage: 0.01114
EPSS Percentile: 0.84293
Identifiers: GHSA-mqm2-cgpr-p4m6, CVE-2020-14001
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-14001
- https://github.com/gettalong/kramdown/commit/1b8fd33c3120bfc6e5164b449e2c2fc9c9306fde
- https://github.com/gettalong/kramdown/compare/REL_2_2_1...REL_2_3_0
- https://kramdown.gettalong.org
- https://kramdown.gettalong.org/news.html
- https://rubygems.org/gems/kramdown
- https://security.netapp.com/advisory/ntap-20200731-0004/
- https://lists.apache.org/thread.html/r96df7899fbb456fe2705882f710a0c8e8614b573fbffd8d12e3f54d2@%3Cnotifications.fluo.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2020/08/msg00014.html
- https://www.debian.org/security/2020/dsa-4743
- https://lists.fedoraproject.org/archives/list/[email protected]/message/ENMMGKHRQIZ3QKGOMBBBGB6B4LB5I7NQ/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/KBLTGBYU7NKOUOHDKVCU4GFZMGA6BP4L/
- https://usn.ubuntu.com/4562-1/
- https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/kramdown/CVE-2020-14001.yml
Blast Radius: 55.7
Affected Packages
rubygems:kramdown
Dependent packages: 656
Dependent repositories: 485,485
Downloads: 175,829,315 total
Affected Version Ranges: < 2.3.0
Fixed in: 2.3.0
All affected versions: 0.1.0, 0.2.0, 0.3.0, 0.4.0, 0.5.0, 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0, 0.12.0, 0.13.1, 0.13.2, 0.13.3, 0.13.4, 0.13.5, 0.13.6, 0.13.7, 0.13.8, 0.14.0, 0.14.1, 0.14.2, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.2.0, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.4.0, 1.4.1, 1.4.2, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.11.0, 1.11.1, 1.12.0, 1.13.0, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.16.0, 1.16.1, 1.16.2, 1.17.0, 2.0.0, 2.1.0, 2.2.0, 2.2.1
All unaffected versions: 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.5.0, 2.5.1