Moderate severityNVD Advisory· Published Jan 14, 2023· Updated Apr 7, 2025
Insecure Storage of Sensitive Information in publify/publify
CVE-2022-2815
Description
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
publify_coreRubyGems | < 9.2.10 | 9.2.10 |
Affected products
3- osv-coords2 versions
< 9.2.10+ 1 more
- (no CPE)range: < 9.2.10
- (no CPE)range: < 9.2.10
- Range: unspecified
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-79wq-g4v9-gfj4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-2815ghsaADVISORY
- github.com/publify/publify/commit/af69097d349f4c00f244c51cd3c3e937fd3387cdghsaWEB
- github.com/publify/publify_core/commit/33f897c12b6efdcdfd8cf9df924deba0f878b71eghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2022-2815.ymlghsaWEB
- huntr.dev/bounties/22fdcc39-8c1a-4e4c-8eae-be3fd764f8b4ghsaWEB
News mentions
0No linked articles in our index yet.