mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-30 20:39:39 +02:00
Critical bug fixes and recall improvements (#68)
This commit is contained in:
parent
7d0e7320e2
commit
55247b7fcd
352 changed files with 60069 additions and 900 deletions
|
|
@ -814,7 +814,8 @@
|
|||
"py.xss.jinja_from_string"
|
||||
],
|
||||
"allowed_alternative_rule_ids": [
|
||||
"taint-unsanitised-flow"
|
||||
"taint-unsanitised-flow",
|
||||
"taint-template-injection"
|
||||
],
|
||||
"forbidden_rule_ids": [],
|
||||
"expected_severity": "HIGH",
|
||||
|
|
@ -11087,6 +11088,12 @@
|
|||
"expected_severity": "MEDIUM",
|
||||
"expected_category": "Security",
|
||||
"expected_sink_lines": [
|
||||
[
|
||||
76,
|
||||
80
|
||||
]
|
||||
],
|
||||
"expected_call_site_lines": [
|
||||
[
|
||||
58,
|
||||
58
|
||||
|
|
@ -11104,7 +11111,7 @@
|
|||
"path_traversal",
|
||||
"rack-middleware"
|
||||
],
|
||||
"notes": "CVE-2023-38337: rswag-api Rack middleware concatenated env['PATH_INFO'] into the swagger root path with no validation; GET /../config/secrets.yml served arbitrary YAML/JSON files. Fixed in 2.10.1 by File.expand_path + start_with? rooted-path check. MIT"
|
||||
"notes": "CVE-2023-38337: rswag-api Rack middleware concatenated env['PATH_INFO'] into the swagger root path with no validation; GET /../config/secrets.yml served arbitrary YAML/JSON files. Fixed in 2.10.1 by File.expand_path + start_with? rooted-path check. After multi-hop attribution lands (2026-05-10 session 0008 from_chain flag), engine reports the deeper File.read sink at line 76 (load_yaml arm) or line 80 (load_json arm); the call site for parse_file remains at line 58 and is asserted via expected_call_site_lines. MIT"
|
||||
},
|
||||
{
|
||||
"case_id": "cve-rb-2023-38337-patched",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue