Sha256: 0160870a02f6e6b5297b266308e6e00a3b962ce0e230a8b68e394cfdf8ef7920

Contents?: true

Size: 511 Bytes

Versions: 5

Compression:

Stored size: 511 Bytes

Contents

---
gem: mini_magick
cve: 2013-2616
osvdb: 91231
url: http://osvdb.org/show/osvdb/91231
title: MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection
date: 2013-03-12
description: |
  MiniMagick Gem for Ruby contains a flaw that is triggered during the handling
  of specially crafted input from an untrusted source passed via a URL that
  contains a ';' character. This may allow a context-dependent attacker to
  potentially execute arbitrary commands.
cvss_v2: 9.3
patched_versions:
  - ">= 3.6.0"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml