Critical severityNVD Advisory· Published Jan 14, 2023· Updated Apr 7, 2025
Improper Input Validation in publify/publify
CVE-2023-0299
Description
Improper Input Validation in GitHub repository publify/publify prior to 9.2.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
publify_coreRubyGems | < 9.2.10 | 9.2.10 |
Affected products
3- osv-coords2 versions
< 9.2.10+ 1 more
- (no CPE)range: < 9.2.10
- (no CPE)range: < 9.2.10
- Range: unspecified
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-q3rm-f527-ghxjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-0299ghsaADVISORY
- github.com/publify/publify/commit/ca46da283572b4f8c0b5aa245008756c8a5fd1b1ghsaWEB
- github.com/publify/publify_core/commit/34f6e9c98e0e3b3f9896f9676b3d6442220e2b4eghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2023-0299.ymlghsaWEB
- huntr.dev/bounties/0049774b-1857-46dc-a834-f1fb15138c53ghsaWEB
News mentions
0No linked articles in our index yet.