GHSA-7xvc-v44j-46fh

Source

https://github.com/advisories/GHSA-7xvc-v44j-46fh

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-7xvc-v44j-46fh/GHSA-7xvc-v44j-46fh.json

Aliases

CVE-2023-26153

Published

2023-10-06T06:30:16Z

Modified

2023-11-08T05:46:32.346387Z

Details

Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value.

Note:

An attacker can use this vulnerability to execute commands on the host system.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-26153
https://github.com/geokit/geokit-rails/commit/7ffc5813e57f6f417987043e1039925fd0865c43
https://github.com/geokit/geokit-rails/commit/a93dfe49fb9aeae7164e2f8c4041450a04b5482f
https://gist.github.com/CalumHutton/b7aa1c2e71c8d4386463ac14f686901d
https://github.com/advisories/GHSA-7xvc-v44j-46fh
https://github.com/geokit/geokit-rails
https://github.com/geokit/geokit-rails/blob/master/lib/geokit-rails/ip_geocode_lookup.rb#L37
https://github.com/geokit/geokit-rails/blob/master/lib/geokit-rails/ip_geocode_lookup.rb%23L37
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/geokit-rails/CVE-2023-26153.yml
https://security.snyk.io/vuln/SNYK-RUBY-GEOKITRAILS-5920323

Affected packages

RubyGems / geokit-rails

Package

Name: geokit-rails

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.5.0

Affected versions

1.*

1.1.4

2.*

2.0.0.rc1

2.0.0

2.0.1

2.1.0

2.2.0

2.3.0

2.3.1

2.3.2