Publicly disclosed security vulnerabilities
I have responsibly reported several security vulnerabilities; some of the public ones are listed below.
Arbitrary command execution on Windows in Vim: CVE-2023-4736 (2023)
Untrusted search path on Windows systems leading to arbitrary code execution in GitPython: CVE-2023-40590 (2023)
Blind local file inclusion in GitPython: CVE-2023-41040 (2023)
Arbitrary write to files from builder server in Read the Docs: GHSA-v7x4-rhpg-3p2r (2023)
Write access to projects via API V2 for any logged-in user in Read the Docs: GHSA-rqfv-8rrx-prmh (2023)
CAS session hijacking in Read the Docs for Businesses: GHSA-4mgr-vrh5-hj8q (2023)
Serving content from pull request previews on main docs domains in Read the Docs: GHSA-h4cf-8gv8-4chf (2023)
Cache poisoning: serving arbitrary content on documentation sites in Read the Docs: GHSA-mp38-vprc-7hf5 (2023)
Arbitrary code execution when using treesitter with injections in Neovim: GHSA-6f9m-hj8h-xjgj (2023)
Path traversal: access to files from any project in Read the Docs: GHSA-5w8m-r7jm-mhp9 (2023)
Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-hqwg-gjqw-h5wg (2023)
Cache poisoning in Read the Docs: GHSA-7fcx-wwr3-99jv (2023)
Arbitrary command execution in simple-git: CVE-2022-25860 (2022)
Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-368m-86q9-m99w (2022)
Allow serving of arbitrary HTML files from the main domain in Read the Docs: GHSA-98pf-gfh3-x3mp (2022)
CSRF from documentation domains in Read the Docs: GHSA-3v5m-qmm9-3c6c (2021)
Serving arbitrary files in domains of other projects in Read the Docs: https://docs.readthedocs.io/en/stable/security.html#release-2-3-0 (2018)