CVE-2020-14001 – kramdown

Package

Manager: gem
Name: kramdown
Vulnerable Version: >=0 <2.3.0

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.03629 pctl0.87365

Details

Unintended read access in kramdown gem The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.

Metadata

Created: 2020-08-07T22:27:41Z
Modified: 2022-04-29T20:26:19Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/08/GHSA-mqm2-cgpr-p4m6/GHSA-mqm2-cgpr-p4m6.json
CWE IDs: ["CWE-862"]
Alternative ID: GHSA-mqm2-cgpr-p4m6
Finding: F039
Auto approve: 1