CVE-2020-14001

CVE-2020-14001

Name

CVE-2020-14001

Description

The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	https://kramdown.gettalong.org
Release Notes	https://kramdown.gettalong.org/news.html
Patch	https://github.com/gettalong/kramdown/compare/REL_2_2_1...REL_2_3_0
Third Party Advisory	https://github.com/gettalong/kramdown
Patch	https://github.com/gettalong/kramdown/commit/1b8fd33c3120bfc6e5164b449e2c2fc9c9306fde
Third Party Advisory	https://rubygems.org/gems/kramdown
Third Party Advisory	https://security.netapp.com/advisory/ntap-20200731-0004/
Mailing List	https://lists.apache.org/thread.html/r96df7899fbb456fe2705882f710a0c8e8614b573fbffd8d12e3f54d2@%3Cnotifications.fluo.apache.org%3E
Mailing List	https://lists.debian.org/debian-lts-announce/2020/08/msg00014.html
Third Party Advisory	https://www.debian.org/security/2020/dsa-4743
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENMMGKHRQIZ3QKGOMBBBGB6B4LB5I7NQ/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBLTGBYU7NKOUOHDKVCU4GFZMGA6BP4L/
UBUNTU	https://usn.ubuntu.com/4562-1/

Type

URI

Vendor Advisory

https://kramdown.gettalong.org

Release Notes

https://kramdown.gettalong.org/news.html

Patch

https://github.com/gettalong/kramdown/compare/REL_2_2_1...REL_2_3_0

Third Party Advisory

https://github.com/gettalong/kramdown

Patch

https://github.com/gettalong/kramdown/commit/1b8fd33c3120bfc6e5164b449e2c2fc9c9306fde

Third Party Advisory

https://rubygems.org/gems/kramdown

Third Party Advisory

https://security.netapp.com/advisory/ntap-20200731-0004/

Mailing List

https://lists.apache.org/thread.html/r96df7899fbb456fe2705882f710a0c8e8614b573fbffd8d12e3f54d2@%3Cnotifications.fluo.apache.org%3E

Mailing List

https://lists.debian.org/debian-lts-announce/2020/08/msg00014.html

Third Party Advisory

https://www.debian.org/security/2020/dsa-4743

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENMMGKHRQIZ3QKGOMBBBGB6B4LB5I7NQ/

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBLTGBYU7NKOUOHDKVCU4GFZMGA6BP4L/

UBUNTU

https://usn.ubuntu.com/4562-1/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:kramdown_project:kramdown::::::ruby::*`	ruby-kramdown	>= None	< 2.3.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:kramdown_project:kramdown:*:*:*:*:*:ruby:*:*

ruby-kramdown

>= None

< 2.3.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
icinga2	edge-community	2.11.3-r1	None	fixed
icinga2	3.22-community	2.11.3-r1	None	fixed
icinga2	3.21-community	2.11.3-r1	None	fixed
icinga2	3.20-community	2.11.3-r1	None	fixed
icinga2	3.19-community	2.11.3-r1	None	fixed
icinga2	3.18-community	2.11.3-r1	None	fixed
icinga2	3.17-community	2.11.3-r1	None	fixed

Source package

Branch

Version

Maintainer

Status

icinga2

edge-community

2.11.3-r1

None

fixed

icinga2

3.22-community