Updated advisory posts against rubysec/ruby-advisory-db@8c2227f

jasnow · RubySec CI · commit 2a45aa92d036 · 2024-10-29T05:53:47.000Z
diff --git a/advisories/_posts/2024-10-28-CVE-2024-49761.md b/advisories/_posts/2024-10-28-CVE-2024-49761.md
@@ -0,0 +1,47 @@
+---
+layout: advisory
+title: 'CVE-2024-49761 (rexml): REXML ReDoS vulnerability'
+comments: false
+categories:
+- rexml
+advisory:
+  gem: rexml
+  cve: 2024-49761
+  ghsa: 2rxp-v6pw-ch6m
+  url: https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m
+  title: REXML ReDoS vulnerability
+  date: 2024-10-28
+  description: |
+    ## Impact
+
+    The REXML gem before 3.3.9 has a ReDoS vulnerability when it
+    parses an XML that has many digits between `&#` and `x...;`
+    in a hex numeric character reference (`&#x...;`).
+
+    This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only
+    affected maintained Ruby. Note that Ruby 3.1 will reach EOL on 2025-03.
+
+    ## Patches
+
+    The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
+
+    ## Workarounds
+
+    Use Ruby 3.2 or later instead of Ruby 3.1.
+
+    ## References
+
+    * https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761
+      * Announced on www.ruby-lang.org.
+  cvss_v4: 6.6
+  patched_versions:
+  - ">= 3.3.9"
+  related:
+    url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-49761
+    - https://github.com/ruby/rexml/releases/tag/v3.3.9
+    - https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m
+    - https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
+    - https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761
+    - https://github.com/advisories/GHSA-2rxp-v6pw-ch6m
+---
diff --git a/advisories/_posts/2024-10-28-CVE-2024-49771.md b/advisories/_posts/2024-10-28-CVE-2024-49771.md
@@ -0,0 +1,42 @@
+---
+layout: advisory
+title: 'CVE-2024-49771 (mpxj): MPXJ has a Potential Path Traversal Vulnerability'
+comments: false
+categories:
+- mpxj
+advisory:
+  gem: mpxj
+  cve: 2024-49771
+  ghsa: j945-c44v-97g6
+  url: https://github.com/joniles/mpxj/security/advisories/GHSA-j945-c44v-97g6
+  title: MPXJ has a Potential Path Traversal Vulnerability
+  date: 2024-10-28
+  description: |
+    ### Impact
+
+    The patch for the historical vulnerability CVE-2020-35460 in MPXJ
+    is incomplete as there is still a possibility that a malicious path
+    could be constructed which would not be picked up by the original
+    fix and allow files to be written to arbitrary locations.
+
+    ### Patches
+
+    The issue is addressed in MPXJ version 13.5.1
+
+    ### Workarounds
+
+    Do not pass zip files to MPXJ.
+
+    ### References
+    N/A
+  cvss_v3: 5.3
+  unaffected_versions:
+  - "< 8.3.5"
+  patched_versions:
+  - ">= 13.5.1"
+  related:
+    url:
+    - https://github.com/joniles/mpxj/security/advisories/GHSA-j945-c44v-97g6
+    - https://github.com/joniles/mpxj/commit/8002802890dfdc8bc74259f37e053e15b827eea0
+    - https://github.com/advisories/GHSA-j945-c44v-97g6
+---
