Commit efa3dff

jasnow authored and RubySec CI committed
Updated advisory posts against rubysec/ruby-advisory-db@e6775a1
1 parent f25af2c commit efa3dff

2 files changed: +60 -1 lines changed

advisories/_posts/2020-03-10-CVE-2020-5243.md

Lines changed: 5 additions & 1 deletion
@@ -20,7 +20,7 @@ advisory:
2020
strings.
2121
2222
### Patches
23-
Please update `uap-ruby` to >= v2.6.0
23+
Please update `uap-ruby` to >= v2.6.0
2424
2525
### For more information
2626
https://github.com/ua-parser/uap-core/security/advisories/GHSA-cmcx-xhr8-3w9p
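Review bot: The removed and added versions of line 23 under "### Patches" read identically here ("Please update `uap-ruby` to >= v2.6.0"), so the only difference is presumably whitespace, such as a trailing space. Confirm that the generator producing these posts normalizes whitespace consistently, otherwise the same one-line change can flip back and forth on later syncs and bury real advisory edits in noise.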
@@ -30,4 +30,8 @@ advisory:
3030
related:
3131
ghsa:
3232
- cmcx-xhr8-3w9p
33+
url:
34+
- https://github.com/ua-parser/uap-ruby/security/advisories/GHSA-pcqq-5962-hvcw
35+
- https://github.com/ua-parser/uap-ruby/commit/2bb18268f4c5ba7d4ba0e21c296bf6437063da3a
36+
- https://github.com/advisories/GHSA-pcqq-5962-hvcw
3337
---
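Review bot: The three URLs added under `related: url:` point at GHSA-pcqq-5962-hvcw and the uap-ruby fix commit, while the existing `related: ghsa:` entry and the "For more information" link in the previous hunk still reference cmcx-xhr8-3w9p in uap-core. Check that the advisory's own `ghsa:` field, which is outside the visible lines, carries pcqq-5962-hvcw, so that tooling matching on GHSA id resolves this post to the uap-ruby advisory rather than only to the upstream uap-core one.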
Lines changed: 55 additions & 0 deletions
@@ -0,0 +1,55 @@
1+
---
2+
layout: advisory
3+
title: 'CVE-2025-48069 (ejson2env): Insufficient input sanitization in ejson2env'
4+
comments: false
5+
categories:
6+
- ejson2env
7+
advisory:
8+
gem: ejson2env
9+
cve: 2025-48069
10+
ghsa: 2c47-m757-32g6
11+
url: https://github.com/Shopify/ejson2env/security/advisories/GHSA-2c47-m757-32g6
12+
title: Insufficient input sanitization in ejson2env
13+
date: 2025-05-21
14+
description: |
15+
### Summary
16+
The `ejson2env` tool has a vulnerability related to how it writes to
17+
`stdout`. Specifically, the tool is intended to write an export
18+
statement for environment variables and their values. However, due
19+
to inadequate output sanitization, there is a potential risk where
20+
variable names or values may include malicious content, resulting
21+
in additional unintended commands being output to `stdout`. If this
22+
output is improperly utilized in further command execution, it could
23+
lead to command injection vulnerabilities, allowing an attacker to
24+
execute arbitrary commands on the host system.
25+
26+
### Details
27+
The vulnerability exists because environment variables are not
28+
properly sanitized during the decryption phase, which enables
29+
malicious keys or encrypted values to inject commands.
30+
31+
### Impact
32+
An attacker with control over `.ejson` files can inject commands
33+
in the environment where `source $(ejson2env)` or `eval ejson2env`
34+
are executed.
35+
36+
### Mitigation
37+
- Update to a version of `ejson2env` that sanitizes the output
38+
during decryption or
39+
- Do not use `ejson2env` to decrypt untrusted user secrets or
40+
- Do not evaluate or execute the direct output from `ejson2env`
41+
without removing nonprintable characters.
42+
43+
### Credit
44+
Thanks to security researcher [Demonia](https://hackerone.com/demonia?type=user)
45+
for reporting this issue.
46+
cvss_v3: 6.6
47+
patched_versions:
48+
- ">= 2.0.8"
49+
related:
50+
url:
51+
- https://nvd.nist.gov/vuln/detail/CVE-2025-48069
52+
- https://github.com/Shopify/ejson2env/security/advisories/GHSA-2c47-m757-32g6
53+
- https://github.com/Shopify/ejson2env/commit/592b3ceea967fee8b064e70983e8cec087b6d840
54+
- https://github.com/advisories/GHSA-2c47-m757-32g6
55+
---
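Review bot: The "### Mitigation" text in the new file says only "Update to a version of `ejson2env` that sanitizes the output" and never names the fixed release, although `patched_versions` lists ">= 2.0.8"; readers of the rendered description would benefit from the version being stated there as well. The three mitigation bullets are also chained with a trailing "or", which leaves it unclear that upgrading is the fix and the other two are workarounds, so consider marking them as such. Finally, `cvss_v3: 6.6` is given without a vector string, so the score cannot be checked against the linked NVD entry from this file alone.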