VYPR
Vendor

Publify

Products
1
CVEs
11
Across products
11
Status
Private

Products

1

Recent CVEs

11
  • CVE-2022-1812CriJan 14, 2023
    risk 0.59cvss 9.8epss 0.31

    Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10.

  • CVE-2023-0299CriJan 14, 2023
    risk 0.57cvss 9.8epss 0.01

    Improper Input Validation in GitHub repository publify/publify prior to 9.2.10.

  • CVE-2022-0524HigFeb 8, 2022
    risk 0.42cvss 7.5epss 0.02

    Business Logic Errors in GitHub repository publify/publify prior to 9.2.7.

  • CVE-2023-0569MedJan 29, 2023
    risk 0.35cvss 6.5epss 0.01

    Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10.

  • CVE-2022-2815MedJan 14, 2023
    risk 0.35cvss 6.5epss 0.01

    Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.

  • CVE-2022-0578MedMay 16, 2022
    risk 0.35cvss 6.5epss 0.01

    Code Injection in GitHub repository publify/publify prior to 9.2.8.

  • CVE-2022-0574MedMay 16, 2022
    risk 0.35cvss 6.5epss 0.01

    Improper Access Control in GitHub repository publify/publify prior to 9.2.8.

  • CVE-2022-1811MedMay 23, 2022
    risk 0.28cvss 5.4epss 0.01

    Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.

  • CVE-2022-1553MedMay 16, 2022
    risk 0.25cvss 4.9epss 0.01

    Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising…

  • CVE-2022-1810MedMay 23, 2022
    risk 0.21cvss 4.3epss 0.01

    Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.

  • CVE-2024-39311Mar 28, 2025
    risk 0.00cvss epss 0.00

    Publify is a self hosted Web publishing platform on Rails. Prior to version 10.0.1 of Publify, corresponding to versions prior to 10.0.2 of the `publify_core` rubygem, publisher on a `publify` application is able to perform a cross-site scripting (XSS) attack on an administrator…