Add gsm: advisory field

Author: jasnow

README.md

@@ -37,14 +37,14 @@ rubies/:
 The `gems/` directory contains sub-directories that match the names of the Ruby
 libraries on [rubygems.org]. Within each directory are one or more advisory
 files for the Ruby library. These advisory files are named using the
-advisories' [CVE] or [GHSA] ID.
+advisories' [CVE] or [GHSA] or [GSM] ID.
 
 ### `rubies/`
 
 The `rubies/` directory contains sub-directories for each Ruby implementation.
 Within each directory are one or more advisory files for the Ruby
 implementation. These advisory files are named using the advisories' [CVE]
-or [GHSA] ID.
+or [GHSA] or [GSM] ID.
 
 ## Examples
 
@@ -126,6 +126,7 @@ patched_versions:
 * `cve` \[String\] (optional): Common Vulnerabilities and Exposures (CVE) ID.
 * `osvdb` \[Integer\] (optional): Open Sourced Vulnerability Database (OSVDB) ID.
 * `ghsa` \[String\] (optional): GitHub Security Advisory (GHSA) ID.
+* `gsm` \[String\] (optional): GitLab Security Advisory (GSM) ID.
 * `url` \[String\] (required): The URL to the full advisory.
 * `title` \[String\] (required): The title of the advisory or individual vulnerability. It must be a single line sentence.
 * `date` \[Date\] (required): The public disclosure date of the advisory.
@@ -137,7 +138,7 @@ patched_versions:
   unaffected versions of the Ruby library.
 * `patched_versions` \[Array\<String\>\] (optional): The version requirements for the
   patched versions of the Ruby library.
-* `related` \[Hash\<Array\<String\>\>\] (optional): Sometimes an advisory references many urls and other identifiers. Supported keys: `cve`, `ghsa`, `osvdb`, and `url`
+* `related` \[Hash\<Array\<String\>\>\] (optional): Sometimes an advisory references many urls and other identifiers. Supported keys: `cve`, `ghsa`, `gsm`, `osvdb`, and `url`
 * `notes` \[String\] (optional): Internal notes regarding the vulnerability's inclusion in this database.
 
 ### `rubies`
@@ -147,6 +148,7 @@ patched_versions:
 * `cve` \[String\] (optional): Common Vulnerabilities and Exposures (CVE) ID.
 * `osvdb` \[Integer\] (optional): Open Sourced Vulnerability Database (OSVDB) ID.
 * `ghsa` \[String\] (optional): GitHub Security Advisory (GHSA) ID.
+* `gsm` \[String\] (optional): GitLab Security Advisory (GSM) ID.
 * `url` \[String\] (required): The URL to the full advisory.
 * `title` \[String\] (required): The title of the advisory or individual vulnerability. It must be a single line sentence.
 * `date` \[Date\] (required): The public disclosure date of the advisory.
@@ -158,7 +160,7 @@ patched_versions:
   unaffected versions of the Ruby implementation.
 * `patched_versions` \[Array\<String\>\] (optional): The version requirements for the
   patched versions of the Ruby implementation.
-* `related` \[Hash\<Array\<String\>\>\] (optional): Sometimes an advisory references many urls and other identifiers. Supported keys: `cve`, `ghsa`, `osvdb`, and `url`
+* `related` \[Hash\<Array\<String\>\>\] (optional): Sometimes an advisory references many urls and other identifiers. Supported keys: `cve`, `ghsa`, `gsm`, `osvdb`, and `url`
 * `notes` \[String\] (optional): Internal notes regarding the vulnerability's inclusion in this database.
 
 ## Tests
@@ -229,6 +231,7 @@ developed by the Open Security Foundation (OSF) and its contributors.
 [CVE]: https://cve.mitre.org/
 [OSVDB]: https://en.wikipedia.org/wiki/Open_Source_Vulnerability_Database
 [GHSA]: https://help.github.com/en/articles/about-maintainer-security-advisories
+[GSM]: https://advisories.gitlab.com/advisories
 [GitHub Security Advisory API]: https://developer.github.com/v4/object/securityadvisory/
 [CVSSv2]: https://www.first.org/cvss/v2/guide
 [CVSSv3]: https://www.first.org/cvss/v3.1/user-guide

gems/encryptor/GSM-2016-16.yml

@@ -0,0 +1,62 @@
+---
+gem: encryptor
+gsm: 2016-16
+url: https://advisories.gitlab.com/pkg/gem/encryptor/GMS-2016-16
+title: AES-GCM nonce reuse vulnerability
+date: 2016-03-20
+description: |
+  The encryptor gem prior to version 3.0.0 encrypts all messages using
+  the same AES-GCM key/nonce pair when GCM mode is used. Reusing a
+  nonce with AES-GCM catastrophically breaks the security of the scheme:
+  by XORing two ciphertexts produced with the same key and nonce, an
+  attacker can recover the XOR of the corresponding plaintexts.
+  Worse, the construction leaks the AES-GCM authentication subkey,
+  allowing attackers to forge valid authentication tags, mount chosen
+  ciphertext attacks, and potentially recover full plaintexts. Users
+  relying on encryptor 2.x with AES-GCM should assume confidentiality
+  and integrity of affected ciphertexts are compromised and must
+  re-encrypt data with a corrected implementation.
+
+  ## PREVIOUS DESCRIPTION
+  This gem was encrypting all messages using the same key/nonce. This
+  not only exposes the XOR of the plaintexts if you XOR together two
+  ciphertexts, but it also leaks the AES-GCM authentication key, allowing
+  an attacker to forge messages and potentially perform chosen ciphertext
+  attacks, which could potentially enable full plaintext recovery
+  (especially if they've e.g. compromised the database, which is the
+  threat model attr_encrypted is designed to defend against).
+
+  ## NOTE
+  The vulnerability arises from using a fixed or otherwise reused nonce with
+  AES-GCM across multiple encryptions under the same key. This design flaw
+  fatally undermines both confidentiality and integrity, enabling plaintext
+  recovery and forgery of ciphertexts. Version 3.0.0 of encryptor changes
+  the way IVs/nonces are generated for AES-GCM, addressing the nonce reuse
+  issue and rendering prior ciphertexts produced under the vulnerable
+  scheme unsafe.
+
+  NOTE: Release 3.0.0 (3/26/2018) is last release of gem as of 6/12/2023.
+patched_versions:
+  - ">= 3.0.0"
+related:
+  url:
+    - https://advisories.gitlab.com/pkg/gem/encryptor/GMS-2016-16
+    - https://security.snyk.io/vuln/SNYK-RUBY-ENCRYPTOR-20434
+    - https://github.com/attr-encrypted/encryptor/releases/tag/3.0.0
+    - https://github.com/rubysec/ruby-advisory-db/issues/305
+    - https://github.com/attr-encrypted/encryptor#upgrading-from-v200-to-v300
+    - https://github.com/attr-encrypted/encryptor/blob/master/CHANGELOG.md
+    - https://github.com/attr-encrypted/encryptor/issues/30
+    - https://github.com/attr-encrypted/encryptor/pull/22
+    - https://github.com/attr-encrypted/encryptor/pull/22/commits/91f7228b6add7156f5bb38f9495be5141fe557a8
+notes: |
+  - ISS#30 ("CVE for encryptor 2.0.0") is still open.
+  - No CVE/GSHA/OSVDB ID.
+  - No cvss_v2 or cvss_v3. SNYK has general CVSS values.
+  - Empty https://github.com/attr-encrypted/encryptor/security
+  - Using CWE-323.
+    - keywords: CWE AES-GSM nonce reuse vulnerability encrypting authentication
+      - (CWE-323) (yes)
+        - https://www.ubiqsecurity.com/
+          exploring-cwe-323-reusing-a-nonce-key-pair-in-encryption/
+      - (CWE-327) (general)

spec/advisory_example.rb

@@ -27,27 +27,36 @@
       end
     end
 
-    it "should be correctly named CVE-XXX or OSVDB-XXX or GHSA-XXX" do
+    let(:filename_gsm) do
+      if filename.start_with?('GSM-')
+        filename.gsub('GSM-','')
+      end
+    end
+
+    it "should be correctly named CVE-XXX or OSVDB-XXX or GHSA-XXX or GSM-XXX" do
       expect(filename).to match(
         /\A
           (?:
              CVE-\d{4}-(?:0\d{3}|[1-9]\d{3,})|
              OSVDB-\d+|
-             GHSA(-[a-z0-9]{4}){3}
+             GHSA(-[a-z0-9]{4}){3}|
+             GSM(-[a-z0-9]{4})-[0-9]{2}
           )\.yml\z
         /x
       )
     end
 
-    it "should have CVE or OSVDB or GHSA" do
-      expect(advisory['cve'] || advisory['osvdb'] || advisory['ghsa']).not_to be_nil
+    it "should have CVE or OSVDB or GHSA or GSM" do
+      expect(advisory['cve'] || advisory['osvdb'] || advisory['ghsa'] || advisory['gsm']).not_to be_nil
     end
 
     it "should CVE-XXX if cve field has a value" do
       if advisory['cve']
         expect(filename).to start_with('CVE-')
       elsif advisory['ghsa']
         expect(filename).to start_with('GHSA-')
+      elsif advisory['gam']
+        expect(filename).to start_with('GSM-')
       end
     end
 
@@ -100,6 +109,19 @@
       end
     end
 
+    describe "gsm" do
+      subject { advisory['gsm'] }
+
+      it "may be nil or a String" do
+        expect(subject).to be_kind_of(String).or(be_nil)
+      end
+      it "should be id in filename if filename is GSM-XXX" do
+        if filename_gsm
+          expect(subject).to eq(filename_gsm.chomp('.yml'))
+        end
+      end
+    end
+
     describe "url" do
       subject { advisory['url'] }
 
@@ -234,8 +256,8 @@
       when Hash
         advisory["related"].each_pair do |name,values|
           describe(name) do
-            it "should be either a cve, an osvdb, a ghsa, or a url" do
-              expect(["cve", "osvdb", "ghsa", "url"]).to include(name)
+            it "should be either a cve, an osvdb, a ghsa, a gsm or a url" do
+              expect(["cve", "osvdb", "ghsa", "gsm", "url"]).to include(name)
             end
 
             it "should always contain an array" do

spec/schemas/gem.yml

@@ -18,6 +18,9 @@ mapping:
   "ghsa":
     type: str
     pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}/
+  "gsm":
+    type: str
+    pattern: /[a-z0-9]{4}-[a-z0-9]{2}/
   "url":
     type: str
     required: true
@@ -58,6 +61,11 @@ mapping:
         sequence:
           - type: str
             pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}/
+      "gsm":
+        type: seq
+        sequence:
+          - type: str
+            pattern: /[a-z0-9]{4}-[a-z0-9]{2}/
       "osvdb":
         type: seq
         sequence:

spec/schemas/ruby.yml

@@ -15,6 +15,9 @@ mapping:
   "ghsa":
     type: str
     pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}/
+  "gsm":
+    type: str
+    pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{3}/
   "url":
     type: str
     required: true
@@ -55,6 +58,11 @@ mapping:
         sequence:
           - type: str
             pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}/
+      "gsm":
+        type: seq
+        sequence:
+          - type: str
+            pattern: /[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}/
       "osvdb":
         type: seq
         sequence: