Medium severity4.3NVD Advisory· Published May 23, 2022· Updated Jun 17, 2026
CVE-2022-1810
CVE-2022-1810
Description
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
publify_coreRubyGems | < 9.2.9 | 9.2.9 |
Affected products
3- osv-coords2 versions
< 9.2.9+ 1 more
- (no CPE)range: < 9.2.9
- (no CPE)range: < 9.2.9
- Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/publify/publify/commit/c0aba87844d1e47da50c0d99a3465164a4d244cenvdPatchThird Party AdvisoryWEB
- huntr.dev/bounties/9b2d7579-032e-42da-b736-4b10a868eacbnvdExploitPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-c273-c6vg-4pv5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-1810ghsaADVISORY
- github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2022-1810.ymlghsaWEB
News mentions
0No linked articles in our index yet.