Sha256: 0315196c4e0c95c9cb12ef2acb61eb9cc9585f0ff5da1d2947a005ad3de5dba6

Contents?: true

Size: 430 Bytes

Versions: 6

Compression:

Stored size: 430 Bytes

Contents

---
gem: dragonfly
osvdb: 97854
url: http://osvdb.org/show/osvdb/97854
title: Dragonfly Gem for Ruby on Windows Shell Escaping Weakness
date: 2011-09-01
description: |
  Dragonfly Gem for Ruby contains a flaw that is due to the program failing to
  properly escape a shell that contains injected characters. This may allow a
  context-dependent attacker to potentially execute arbitrary commands.
patched_versions:
  - ">= 0.9.6"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/dragonfly/OSVDB-97854.yml