Updated advisory posts against rubysec/ruby-advisory-db@0b0c7c8

jasnow · RubySec CI · commit e645113abfe0 · 2025-08-15T01:10:06.000Z
diff --git a/advisories/_posts/2014-06-30-CVE-2014-10075.md b/advisories/_posts/2014-06-30-CVE-2014-10075.md
@@ -5,18 +5,12 @@ title: 'CVE-2014-10075 (karo): karo Gem for Ruby db.rb Metacharacter Handling Re
 comments: false
 categories:
 - karo
-- rubygems
-- rubygems
-- rubygems
 advisory:
   gem: karo
-  library: rubygems
-  framework: rubygems
-  platform: rubygems
   cve: 2014-10075
   osvdb: 108573
   ghsa: qfwq-chf4-jvwg
-  url: https://nvd.nist.gov/vuln/detail/CVE-2014-10075
+  url: https://github.com/advisories/GHSA-qfwq-chf4-jvwg
   title: karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution
   date: 2014-06-30
   description: |
@@ -31,14 +25,16 @@ advisory:
       in a Command ('Command Injection')
 
     * Severity: CRITICAL - CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+  cvss_v2: 7.5
   cvss_v3: 9.8
+  notes: Never patched
   related:
     url:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-10075
-    - http://www.vapid.dhs.org/advisories/karo-2.3.8.html
-    - http://www.vapidlabs.com/advisory.php?v=63
-    - http://osvdb.org/show/osvdb/108573
-    - https://github.com/advisories/GHSA-qf67-vmxx-gp4jGHSA-qfwq-chf4-jvwg.json
     - https://github.com/rahult/karo
     - https://github.com/rahult/karo/blob/master/CHANGELOG.md
+    - https://web.archive.org/web/20250421021935/http://www.vapid.dhs.org/advisories/karo-2.3.8.html
+    - http://www.vapidlabs.com/advisory.php?v=63
+    - https://www.openwall.com/lists/oss-security/2014/07/07/22
+    - https://github.com/advisories/GHSA-qfwq-chf4-jvwg
 ---
