Updated advisory posts against rubysec/ruby-advisory-db@e7530e9

jasnow · RubySec CI · commit 3713d3ebdaf5 · 2025-11-27T07:12:40.000Z
diff --git a/advisories/_posts/2018-09-13-CVE-2018-14041.md b/advisories/_posts/2018-09-13-CVE-2018-14041.md
@@ -7,7 +7,7 @@ categories:
 advisory:
   gem: bootstrap
   cve: 2018-14041
-  ghsa: 3wqf-4x89-9g79
+  ghsa: pj7m-g53m-7638
   url: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
   title: Bootstrap vulnerable to Cross-Site Scripting (XSS)
   date: 2018-09-13
@@ -19,7 +19,7 @@ advisory:
   - ">= 4.1.2"
   related:
     url:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-14040
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-14041
     - https://github.com/twbs/bootstrap/issues/26625
     - https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
     - https://github.com/twbs/bootstrap/issues/26423
@@ -31,5 +31,5 @@ advisory:
     - https://seclists.org/bugtraq/2019/May/18
     - https://www.oracle.com/security-alerts/cpuApr2021.html
     - https://www.tenable.com/security/tns-2021-14
-    - https://github.com/advisories/GHSA-3wqf-4x89-9g79
+    - https://github.com/advisories/GHSA-pj7m-g53m-7638
 ---
diff --git a/advisories/_posts/2022-03-03-CVE-2024-22051.md b/advisories/_posts/2022-03-03-CVE-2024-22051.md
@@ -9,16 +9,16 @@ advisory:
   gem: commonmarker
   cve: 2024-22051
   ghsa: fmx4-26r3-wxpf
-  url: https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
+  url: https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf
   title: Integer overflow in cmark-gfm table parsing extension leads to heap memory
     corruption
   date: 2022-03-03
-  description: |2
-
+  description: |
     ### Impact
 
     CommonMarker uses `cmark-gfm` for rendering
     [Github Flavored Markdown](https://github.github.com/gfm/).
+
     An [integer overflow in `cmark-gfm`'s table row parsing](https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x)
     may lead to heap memory corruption when parsing tables who's marker
     rows contain more than UINT16_MAX columns. The impact of this heap
@@ -54,7 +54,7 @@ advisory:
     If you have any questions or comments about this advisory:
 
     * Open an issue in [CommonMarker](http://github.com/gjtorikian/commonmarker)
-  cvss_v3: 8.8
+  cvss_v3: 9.8
   patched_versions:
   - ">= 0.23.4"
   related:
diff --git a/advisories/_posts/2023-10-24-CVE-2024-0241.md b/advisories/_posts/2023-10-24-CVE-2024-0241.md
@@ -59,6 +59,7 @@ advisory:
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2024-0241
+    - https://github.com/stevegeek/encoded_id-rails/releases/tag/1.0.0.beta2
     - https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c
     - https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91
     - https://github.com/advisories/GHSA-3px7-jm2p-6h2c
diff --git a/advisories/_posts/2025-08-20-CVE-2011-10026.md b/advisories/_posts/2025-08-20-CVE-2011-10026.md
@@ -0,0 +1,39 @@
+---
+layout: advisory
+title: 'CVE-2011-10026 (spree): Spree Commerce is vulnerable to RCE through Search
+  API'
+comments: false
+categories:
+- spree
+advisory:
+  gem: spree
+  cve: 2011-10026
+  ghsa: x485-rhg3-cqr4
+  url: https://github.com/advisories/GHSA-x485-rhg3-cqr4
+  title: Spree Commerce is vulnerable to RCE through Search API
+  date: 2025-08-20
+  description: |
+    Spreecommerce versions prior to 0.50.x contain a remote command
+    execution vulnerability in the API's search functionality. Improper
+    input sanitation allows attackers to inject arbitrary shell commands
+    via the search[instance_eval] parameter, which is dynamically invoked
+    using Ruby’s send method. This flaw enables unauthenticated attackers
+    to execute commands on the server.
+  cvss_v3: 9.8
+  cvss_v4: 9.3
+  unaffected_versions:
+  - "< 0.30.0.beta1"
+  patched_versions:
+  - ">= 0.50.0"
+  related:
+    url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2011-10026
+    - https://github.com/spree
+    - https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
+    - https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
+    - https://www.exploit-db.com/exploits/17199
+    - https://www.vulncheck.com/advisories/spreecommerce-api-rce
+    - https://github.com/spree/spree/commit/0a9a360c590829d8a377ceae0cf997bbbbcc2df4
+    - https://github.com/spree/spree/commit/3b559e7219f3681184be409ad00cd34a34a37978
+    - https://github.com/advisories/GHSA-x485-rhg3-cqr4
+---
diff --git a/advisories/_posts/2025-11-06-CVE-2025-64501.md b/advisories/_posts/2025-11-06-CVE-2025-64501.md
@@ -66,9 +66,9 @@ advisory:
        Content-Security-Policy: default-src 'self'; script-src 'self'
     ```
 
-    3. **Input validation**: If possible, validate and sanitize ProseMirror
-       documents before conversion to prevent malicious content from
-       entering the system.
+    3. **Input validation**: If possible, validate and sanitize
+       ProseMirror documents before conversion to prevent malicious
+       content from entering the system.
 
     ### References
 
@@ -82,6 +82,7 @@ advisory:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2025-64501
     - https://github.com/etaminstudio/prosemirror_to_html/security/advisories/GHSA-52c5-vh7f-26fx
+    - https://github.com/etaminstudio/prosemirror_to_html/releases/tag/v0.2.1
     - https://github.com/etaminstudio/prosemirror_to_html/commit/4d59f94f550bcabeec30d298791bbdd883298ad8
     - https://github.com/advisories/GHSA-52c5-vh7f-26fx
 ---
