RubyGems - bundler-budit - Versions diffs - 0.6.1 - Mend

bundler-budit 0.6.1

Files changed (479) hide show

data/data/ruby-advisory-db/gems/sup/CVE-2013-4479.yml ADDED

@@ -0,0 +1,14 @@
+---
+gem: sup
+cve: 2013-4479
+osvdb: 99074
+url: http://www.phenoelit.org/stuff/whatsup.txt
+title:  Sup MUA Email Attachment Content Type Handling Arbitrary Command Execution
+date: 2013-10-29
+description: Sup MUA contains a flaw that is triggered when handling email
+  attachment content. This may allow a context-dependent attacker to execute
+  arbitrary commands.
+cvss_v2: 6.8
+patched_versions:
+  - "~> 0.13.2.1"
+  - ">= 0.14.1.1"

data/data/ruby-advisory-db/gems/thumbshooter/OSVDB-91839.yml ADDED

@@ -0,0 +1,9 @@
+---
+gem: thumbshooter
+cve: 2013-1898
+osvdb: 91839
+url: http://osvdb.org/show/osvdb/91839
+title: Thumbshooter Gem for Ruby thumbshooter.rb URL Shell Metacharacter Injection Arbitrary Command Execution
+date: 2013-03-26
+description: Thumbshooter Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input passed to thumbshooter.rb. With a specially crafted URL that contains shell metacharacters, a context-dependent attacker can execute arbitrary commands.
+cvss_v2: 7.5

data/data/ruby-advisory-db/gems/twitter-bootstrap-rails/OSVDB-109206.yml ADDED

@@ -0,0 +1,22 @@
+---
+gem: twitter-bootstrap-rails
+framework: rails
+cve: 2014-4920
+osvdb: 109206
+url: https://nvisium.com/blog/2014/03/28/reflected-xss-vulnerability-in-twitter
+title: Reflective XSS Vulnerability in twitter-bootstrap-rails
+date: 2014-03-25
+description: |
+  The twitter-bootstrap-rails Gem for Rails contains a flaw that enables a
+  reflected cross-site scripting (XSS) attack. This flaw exists because the
+  bootstrap_flash helper method does not validate input when handling flash
+  messages before returning it to users. This may allow a context-dependent
+  attacker to create a specially crafted request that would execute arbitrary
+  script code in a user's browser session within the trust relationship between
+  their browser and the server.
+cvss_v2:
+patched_versions:
+  - ">= 3.2.0"

data/data/ruby-advisory-db/gems/uglifier/OSVDB-126747.yml ADDED

@@ -0,0 +1,19 @@
+---
+gem: uglifier
+osvdb: 126747
+url: https://github.com/mishoo/UglifyJS2/issues/751
+title: uglifier incorrectly handles non-boolean comparisons during minification
+date: 2015-07-21
+description: |
+  The upstream library for the Ruby uglifier gem, UglifyJS, is
+  affected by a vulnerability that allows a specially crafted
+  Javascript file to have altered functionality after minification.
+  This bug, found in UglifyJS versions 2.4.23 and earlier, was demonstrated
+  to allow potentially malicious code to be hidden within secure code,
+  and activated by the minification process.
+  For more information, consult: https://zyan.scripts.mit.edu/blog/backdooring-js/
+patched_versions:
+  - ">= 2.7.2"

data/data/ruby-advisory-db/gems/web-console/CVE-2015-3224.yml ADDED

@@ -0,0 +1,22 @@
+---
+gem: web-console
+cve: 2015-3224
+url: https://groups.google.com/forum/#!topic/ruby-security-ann/lzmz9_ijUFw
+title: |
+  IP whitelist bypass in Web Console
+date: 2015-06-16
+description: |
+  Specially crafted remote requests can spoof their origin, bypassing the IP whitelist, in any environment where Web Console is enabled (development and test, by default).
+  Users whose application is only accessible from localhost (as is the default behaviour in Rails 4.2) are not affected, unless a local proxy is involved.
+  All affected users should either upgrade or use one of the work arounds immediately.
+  To work around this issue, turn off web-console in all environments, by removing/commenting it from the application's Gemfile.
+patched_versions:
+  - ">= 2.1.3"

data/data/ruby-advisory-db/gems/web-console/OSVDB-112346.yml ADDED

@@ -0,0 +1,12 @@
+---
+gem: web-console
+osvdb: 112346
+url: http://www.osvdb.org/show/osvdb/112346
+title: Web Console Gem for Ruby contains an unspecified flaw
+date: 2014-09-29
+description: The Web Console Gem for Ruby on Rails contains an unspecified flaw that
+  may allow an attacker to have an unspecified impact. No further details have been
+  provided by the vendor.
+cvss_v2:
+patched_versions:
+  - ">= 2.0.0.beta4"

data/data/ruby-advisory-db/gems/webbynode/OSVDB-100920.yml ADDED

@@ -0,0 +1,12 @@
+---
+gem: webbynode
+cve: 2013-7086
+osvdb: 100920
+url: http://osvdb.org/show/osvdb/100920
+title: Webbynode Gem for Ruby notify.rb growlnotify Message Handling Arbitrary Command Execution
+date: 2013-12-12
+description: |
+  Webbynode Gem for Ruby contains a flaw in notify.rb that is triggered
+  when handling a specially crafted growlnotify message. This may allow a
+  context-dependent attacker to execute arbitrary commands.
+cvss_v2: 7.5

data/data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml ADDED

@@ -0,0 +1,14 @@
+---
+gem: wicked
+cve: 2013-4413
+osvdb: 98270
+url: http://www.osvdb.org/show/osvdb/98270
+title: Wicked Gem for Ruby contains a flaw
+date: 2013-10-08
+description: Wicked Gem for Ruby contains a flaw that is due to the program
+  failing to properly sanitize input passed via the 'the_step' parameter
+  upon submission to the render_redirect.rb script.
+  This may allow a remote attacker to gain access to arbitrary files.
+cvss_v2: 5.0
+patched_versions:
+  - '>= 1.0.1'

data/data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml ADDED

@@ -0,0 +1,15 @@
+---
+gem: will_paginate
+osvdb: 101138
+cve: 2013-6459
+url: http://osvdb.org/show/osvdb/101138
+title: will_paginate Gem for Ruby Generated Pagination Link Unspecified XSS
+date: 2013-09-19
+description: will_paginate Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack.
+  This flaw exists because the application does not validate certain unspecified input related to
+  generated pagination links before returning it to the user. This may allow an attacker to create
+  a specially crafted request that would execute arbitrary script code in a users browser within the
+  trust relationship between their browser and the server.
+cvss_v2: 4.3
+patched_versions:
+  - ">= 3.0.5"

data/data/ruby-advisory-db/gems/xaviershay-dm-rails/OSVDB-118579.yml ADDED

@@ -0,0 +1,13 @@
+---
+gem: xaviershay-dm-rails
+cve: 2015-2179
+osvdb: 118579
+url: http://osvdb.org/show/osvdb/118579
+title: |
+  xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table
+date: 2015-02-17
+description: |
+  xaviershay-dm-rails Gem for Ruby contains a flaw in the execute() function
+  in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is
+  due to the function exposing sensitive information via the process table.
+  This may allow a local attack to gain access to MySQL credential information.

data/data/ruby-advisory-db/gems/yajl-ruby/CVE-2017-16516.yml ADDED

@@ -0,0 +1,19 @@
+---
+gem: yajl-ruby
+cve: 2017-16516
+url: https://nvd.nist.gov/vuln/detail/CVE-2017-16516
+title: Flaw in yajl-ruby gem may cause a DoS
+date: 2017-11-03
+description: |
+  In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to
+  Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the
+  yajl_string_decode function in yajl_encode.c. This results in the whole ruby
+  process terminating and potentially a denial of service.
+patched_versions:
+  - ">= 1.3.1"
+related:
+  url:
+    - https://github.com/brianmario/yajl-ruby/issues/176

data/data/ruby-advisory-db/gems/yard/CVE-2017-17042.yml ADDED

@@ -0,0 +1,16 @@
+---
+gem: yard
+cve: 2017-17042
+url: https://nvd.nist.gov/vuln/detail/CVE-2017-17042
+date: 2017-11-28
+title: Potential arbitrary file read vulnerability in yard server
+description: |
+  lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block
+  relative paths with an initial ../ sequence, which allows attackers to conduct
+  directory traversal attacks and read arbitrary files.
+cvss_v2: 5.0
+cvss_v3: 7.5
+patched_versions:
+  - ">= 0.9.11"

data/data/ruby-advisory-db/lib/cf_scrape.py ADDED

@@ -0,0 +1,5 @@
+import cfscrape
+import sys
+scraper = cfscrape.create_scraper() # returns a requests.Session object
+print scraper.get(sys.argv[1]).content

data/data/ruby-advisory-db/lib/osvdb_scrape.rb ADDED

@@ -0,0 +1,92 @@
+require 'pry'
+require 'nokogiri'
+require 'yaml'
+require 'date'
+class OSVDB
+  attr_accessor :osvdb, :cve, :title, :description, :date, :cvss_v2, :gem, :url, :patched_versions, :page
+  def initialize(osvdb)
+    self.osvdb = osvdb
+    self.url = "http://osvdb.org/show/osvdb/#{self.osvdb}"
+    scrape!
+    parse!
+  end
+  def scrape!
+    html = `bash --login -c "python cf_scrape.py #{self.url}"`
+    doc = Nokogiri::XML(html) do |config|
+      config.nonet.noent
+    end
+    self.page = doc
+  end
+  def parse!
+    page.search(".show_vuln_table").search("td ul li").each do |li|
+      case li.children[0].text.strip
+      when "CVE ID:"
+        self.cve = li.children[1].text
+      when "Vendor URL:"
+        self.set_gem(li.children[1].text)
+      end
+    end
+    self.description = page.search(".show_vuln_table").search("tr td tr .white_content p")[0].text
+    self.date = page.search(".show_vuln_table").search("tr td tr .white_content tr td")[0].text
+    self.title = page.search("title").text.gsub(/\d+: /, "")
+    if cvss_p = page.search(".show_vuln_table").search("tr td tr .white_content div p")[0]
+      self.set_cvss(cvss_p.children[0].text)
+    end
+  end
+  def set_gem(vendortext)
+    ["https://rubygems.org/gems/", "http://rubygems.org/gems/"].each do |str|
+      if vendortext.match(str)
+        self.gem = vendortext.gsub(str,"")
+      end
+    end
+  end
+  def set_cvss(text)
+    self.cvss_v2 = text.strip.gsub("CVSSv2 Base Score = ", "")
+  end
+  def date
+    Date.parse(@date)
+  end
+  def cvss_v2
+    @cvss_v2.nil? ? nil : @cvss_v2.to_f
+  end
+  def gem
+    @gem.nil? ? "unknown" : @gem
+  end
+  def to_yaml
+    { 'gem' => gem,
+      'cve' => cve,
+      'osvdb' => osvdb.to_i,
+      'url' => url,
+      'title' => title,
+      'date' => date,
+      'description' => description,
+      'cvss_v2' => cvss_v2,
+      'patched_versions' => patched_versions
+    }.to_yaml(options = { line_width: 80 })
+  end
+  def filename
+    "OSVDB-#{osvdb}.yml"
+  end
+  def to_advisory!
+    gems_path = File.join(File.dirname(__FILE__), "..", "gems")
+    adv_path = File.absolute_path(File.join(gems_path, self.gem))
+    FileUtils.mkdir(adv_path) unless File.exists?(adv_path)
+    File.open(File.join(adv_path, filename), "w") do |io|
+      io.puts self.to_yaml
+    end
+  end
+end

data/data/ruby-advisory-db/libraries/rubygems/CVE-2013-4287.yml ADDED

@@ -0,0 +1,19 @@
+---
+library: rubygems
+cve: 2013-4287
+osvdb: 97163
+url: http://blog.rubygems.org/2013/09/09/CVE-2013-4287.html
+title: RubyGems Multiple API Call Version Validation CPU Consumption DoS
+date: 2013-09-09
+description: |
+  RubyGems contains a flaw that may allow a denial of service. The issue is
+  triggered when handling the gem build, Gem::Package, or Gem::PackageTask API
+  calls, which attempt to validate the version of the program. This may allow a
+  context-dependent attacker to cause a consumption of CPU resources and crash
+  the program.
+cvss_v2: 4.3
+patched_versions:
+  - ~> 1.8.23.1
+  - ~> 1.8.26
+  - ~> 2.0.8
+  - ">= 2.1.0"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2013-4363.yml ADDED

@@ -0,0 +1,20 @@
+---
+library: rubygems
+cve: 2013-4363
+osvdb: 97163
+url: http://blog.rubygems.org/2013/09/24/CVE-2013-4363.html
+title: RubyGems Multiple API Call Version Validation CPU Consumption DoS
+date: 2013-09-24
+description: |
+  RubyGems contains a flaw that may allow a denial of service. The issue is
+  triggered when handling the gem build, Gem::Package, or Gem::PackageTask API
+  calls, which attempt to validate the version of the program. This may allow a
+  context-dependent attacker to cause a consumption of CPU resources and crash
+  the program. This vulnerability is due to an incomplete fix for
+  CVE-2013-4287, which allowed a denial of service via improper validation.
+cvss_v2: 4.3
+patched_versions:
+  - ~> 1.8.23.2
+  - ~> 1.8.27
+  - ~> 2.0.10
+  - ">= 2.1.5"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2015-3900.yml ADDED

@@ -0,0 +1,19 @@
+---
+library: rubygems
+cve: 2015-3900
+osvdb: 122162
+url: https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356
+title: |
+  RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record
+  Hostname Validation Request Hijacking
+date: 2015-05-14
+description: |
+  RubyGems contains a flaw in the api_endpoint() function in remote_fetcher.rb
+  that is triggered when handling hostnames in SRV records. With a specially
+  crafted response, a context-dependent attacker may conduct DNS hijacking
+  attacks.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 2.0.16
+  - ~> 2.2.4
+  - ">= 2.4.7"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2015-4020.yml ADDED

@@ -0,0 +1,19 @@
+---
+library: rubygems
+cve: 2015-4020
+url: https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478
+title: |
+  RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record
+  Hostname Validation Request Hijacking
+date: 2015-06-08
+description: |
+  RubyGems contains a flaw in the api_endpoint() function in remote_fetcher.rb
+  that is triggered when handling hostnames in SRV records. With a specially
+  crafted response, a context-dependent attacker may conduct DNS hijacking
+  attacks. This vulnerability is due to an incomplete fix for CVE-2015-3900,
+  which allowed redirection to an arbitrary gem server in any security domain.
+cvss_v2: 5.0
+patched_versions:
+  - ~> 2.0.17
+  - ~> 2.2.5
+  - ">= 2.4.8"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2017-0899.yml ADDED

@@ -0,0 +1,15 @@
+---
+library: rubygems
+cve: 2017-0899
+url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+title: RubyGems ANSI escape sequence vulnerability
+date: 2017-08-29
+description: |
+  RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem
+  specifications that include terminal escape characters. Printing the gem
+  specification would execute terminal escape sequences.
+cvss_v2: 7.5
+patched_versions:
+  - ">= 2.4.5.3"
+  - ">= 2.5.2.1"
+  - ">= 2.6.13"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2017-0900.yml ADDED

@@ -0,0 +1,15 @@
+---
+library: rubygems
+cve: 2017-0900
+url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+title: RubyGems DoS vulnerability in the query command
+date: 2017-08-29
+description: |
+  RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem
+  specifications to cause a denial of service attack against RubyGems clients
+  who have issued a `query` command.
+cvss_v2: 5.0
+patched_versions:
+  - ">= 2.4.5.3"
+  - ">= 2.5.2.1"
+  - ">= 2.6.13"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2017-0901.yml ADDED

@@ -0,0 +1,15 @@
+---
+library: rubygems
+cve: 2017-0901
+url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+title: RubyGems vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files
+date: 2017-08-29
+description: |
+  RubyGems version 2.6.12 and earlier fails to validate specification names,
+  allowing a maliciously crafted gem to potentially overwrite any file on the
+  filesystem.
+cvss_v2: 6.4
+patched_versions:
+  - ">= 2.4.5.3"
+  - ">= 2.5.2.1"
+  - ">= 2.6.13"

data/data/ruby-advisory-db/libraries/rubygems/CVE-2017-0902.yml ADDED

@@ -0,0 +1,15 @@
+---
+library: rubygems
+cve: 2017-0902
+url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
+title: RubyGems DNS request hijacking vulnerability
+date: 2017-08-29
+description: |
+  RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking
+  vulnerability that allows a MITM attacker to force the RubyGems client to
+  down load and install gems from a server that the attacker controls.
+cvss_v2: 6.8
+patched_versions:
+  - ">= 2.4.5.3"
+  - ">= 2.5.2.1"
+  - ">= 2.6.13"