Skip to content

Commit e3c8e1c

Browse files
jasnowjasnow
authored
Added gems/discordrb/CVE-2023-28102.yml advisory (#642)
* Note: a patched version has not yet been released.
1 parent aab7beb commit e3c8e1c

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

gems/discordrb/CVE-2023-28102.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
gem: discordrb
3+
cve: 2023-28102
4+
url: https://securitylab.github.com/advisories/GHSL-2022-094_discordrb
5+
title: "GHSL-2022-094: Remote Code Execution in discordrb"
6+
date: 2023-03-27
7+
description: |
8+
The encode_file method may lead to remote code execution (RCE) if
9+
invoked with untrusted user-controlled data.
10+
cvss_v3: 9.6
11+
notes: "Not patched yet"
12+
related:
13+
url:
14+
- https://nvd.nist.gov/vuln/detail/CVE-2023-28102
15+
- https://securitylab.github.com/advisories/GHSL-2022-094_discordrb
16+
- https://github.com/shardlab/discordrb/releases/tag/v3.4.1
17+
- https://rubygems.org/gems/discordrb

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy