@jasnow
Created June 28, 2023 16:40
PR#585/ISS#580 notes
Some questions about PR#585 and issue#580:
1. Does it include "rubies" too?
2. Does it include "related:/cve:" and "related:/ghsa:" too?
OUTPUT OF dups-in-dir.sh script:
Check for duplicate cve values in same dir
----------------------------------------
gems/json/CVE-2013-0269.yml:cve: 2013-0269
gems/json/CVE-2020-10663.yml: - 2013-0269
----------------------------------------
gems/puma/CVE-2019-16770.yml:cve: 2019-16770
gems/puma/CVE-2020-5247.yml:cve: 2020-5247
gems/puma/CVE-2020-5249.yml: - 2020-5247
gems/puma/CVE-2021-29509.yml: - 2019-16770
----------------------------------------
gems/passenger/CVE-2018-12026.yml: - 2018-12027
gems/passenger/CVE-2018-12027.yml:cve: 2018-12027
----------------------------------------
gems/devise-two-factor/CVE-2015-7225.yml:cve: 2015-7225
gems/devise-two-factor/CVE-2021-43177.yml: - 2015-7225
----------------------------------------
gems/nokogiri/CVE-2013-6461.yml:cve: 2013-6461
gems/nokogiri/CVE-2017-15412.yml: - 2017-18258
gems/nokogiri/CVE-2017-18258.yml:cve: 2017-18258
gems/nokogiri/CVE-2019-13117.yml: - 2019-13118
gems/nokogiri/CVE-2019-13118.yml:cve: 2019-13118
gems/nokogiri/CVE-2021-30560.yml: - 2021-30560
gems/nokogiri/CVE-2021-30560.yml:cve: 2021-30560
gems/nokogiri/OSVDB-118481.yml: - 2013-6461
----------------------------------------
gems/bundler/CVE-2013-0334.yml:cve: 2013-0334
gems/bundler/CVE-2016-7954.yml: - 2013-0334
----------------------------------------
gems/sup/CVE-2013-4478.yml: - 2013-4479
gems/sup/CVE-2013-4478.yml:cve: 2013-4478
gems/sup/CVE-2013-4479.yml: - 2013-4478
gems/sup/CVE-2013-4479.yml:cve: 2013-4479
----------------------------------------
gems/rubyzip/CVE-2017-5946.yml:cve: 2017-5946
gems/rubyzip/CVE-2018-1000544.yml: - 2017-5946
----------------------------------------
gems/rails-html-sanitizer/CVE-2022-23520.yml: - 2022-32209
gems/rails-html-sanitizer/CVE-2022-32209.yml:cve: 2022-32209
----------------------------------------
gems/actionpack/CVE-2021-22881.yml:cve: 2021-22881
gems/actionpack/CVE-2021-22903.yml: - 2021-22881
gems/actionpack/CVE-2021-22942.yml: - 2021-22881
gems/actionpack/CVE-2021-44528.yml: - 2021-22881
----------------------------------------
gems/rwiki/CVE-2006-2581.yml: - 2006-2582
gems/rwiki/CVE-2006-2581.yml:cve: 2006-2581
gems/rwiki/CVE-2006-2582.yml: - 2006-2581
gems/rwiki/CVE-2006-2582.yml:cve: 2006-2582
----------------------------------------
Check for duplicate ghsa values in same dir
----------------------------------------
gems/katello/CVE-2016-3072.yml:ghsa: 527r-mfmj-prqf
gems/katello/CVE-2018-14623.yml: - 527r-mfmj-prqf
----------------------------------------
gems/nokogiri/CVE-2022-24839.yml:ghsa: gx8x-g87m-h5q6
gems/nokogiri/CVE-2022-24839.yml: - gx8x-g87m-h5q6
----------------------------------------
gems/sup/CVE-2013-4478.yml:ghsa: 5f2p-6vjv-2q2m
gems/sup/CVE-2013-4478.yml: - hh2x-7mf9-78fr
gems/sup/CVE-2013-4479.yml: - 5f2p-6vjv-2q2m
gems/sup/CVE-2013-4479.yml:ghsa: hh2x-7mf9-78fr
----------------------------------------
gems/rwiki/CVE-2006-2581.yml:ghsa: gvhx-gj42-m28v
gems/rwiki/CVE-2006-2581.yml: - wwmf-6p58-6vj2
gems/rwiki/CVE-2006-2582.yml:ghsa: wwmf-6p58-6vj2
gems/rwiki/CVE-2006-2582.yml: - gvhx-gj42-m28v
----------------------------------------
rubies/ruby/CVE-2008-2662.yml:ghsa: c4h6-p7gp-39x2
rubies/ruby/CVE-2008-2663.yml:ghsa: c4h6-p7gp-39x2
rubies/ruby/CVE-2008-2664.yml:ghsa: c4h6-p7gp-39x2
rubies/ruby/CVE-2008-2725.yml:ghsa: c4h6-p7gp-39x2
EOF