Publify/publify
by Publify
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-1812 | Cri | 0.59 | 9.8 | 0.31 | Jan 14, 2023 | Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||
| CVE-2023-0299 | Cri | 0.57 | 9.8 | 0.01 | Jan 14, 2023 | Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. | ||
| CVE-2022-0524 | Hig | 0.42 | 7.5 | 0.02 | Feb 8, 2022 | Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. | ||
| CVE-2023-0569 | Med | 0.35 | 6.5 | 0.01 | Jan 29, 2023 | Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. | ||
| CVE-2022-2815 | Med | 0.35 | 6.5 | 0.01 | Jan 14, 2023 | Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. | ||
| CVE-2022-0578 | Med | 0.35 | 6.5 | 0.01 | May 16, 2022 | Code Injection in GitHub repository publify/publify prior to 9.2.8. | ||
| CVE-2022-0574 | Med | 0.35 | 6.5 | 0.01 | May 16, 2022 | Improper Access Control in GitHub repository publify/publify prior to 9.2.8. | ||
| CVE-2022-1811 | Med | 0.28 | 5.4 | 0.01 | May 23, 2022 | Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. | ||
| CVE-2022-1553 | Med | 0.25 | 4.9 | 0.01 | May 16, 2022 | Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising… | ||
| CVE-2022-1810 | Med | 0.21 | 4.3 | 0.01 | May 23, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. | ||
| CVE-2024-39311 | 0.00 | — | 0.00 | Mar 28, 2025 | Publify is a self hosted Web publishing platform on Rails. Prior to version 10.0.1 of Publify, corresponding to versions prior to 10.0.2 of the `publify_core` rubygem, publisher on a `publify` application is able to perform a cross-site scripting (XSS) attack on an administrator… |
- risk 0.59cvss 9.8epss 0.31
Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10.
- risk 0.57cvss 9.8epss 0.01
Improper Input Validation in GitHub repository publify/publify prior to 9.2.10.
- risk 0.42cvss 7.5epss 0.02
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7.
- risk 0.35cvss 6.5epss 0.01
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10.
- risk 0.35cvss 6.5epss 0.01
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.
- risk 0.35cvss 6.5epss 0.01
Code Injection in GitHub repository publify/publify prior to 9.2.8.
- risk 0.35cvss 6.5epss 0.01
Improper Access Control in GitHub repository publify/publify prior to 9.2.8.
- risk 0.28cvss 5.4epss 0.01
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.
- risk 0.25cvss 4.9epss 0.01
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising…
- risk 0.21cvss 4.3epss 0.01
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
- CVE-2024-39311Mar 28, 2025risk 0.00cvss —epss 0.00
Publify is a self hosted Web publishing platform on Rails. Prior to version 10.0.1 of Publify, corresponding to versions prior to 10.0.2 of the `publify_core` rubygem, publisher on a `publify` application is able to perform a cross-site scripting (XSS) attack on an administrator…