Sha256: 15da1bb9f265e1436e6505cb8a30f561474d642ee8cd97d63a5185e373a2aa95
Contents?: true
Size: 593 Bytes
Versions: 1
Compression:
Stored size: 593 Bytes
Contents
--- gem: mail cve: 2011-0739 url: http://www.osvdb.org/show/osvdb/70667 title: > Mail Gem for Ruby lib/mail/network/delivery_methods/sendmail.rb Email From: Address Arbitrary Shell Command Injection description: | Mail Gem for Ruby contains a flaw related to the failure to properly sanitise input passed from an email from address in the 'deliver()' function in 'lib/mail/network/delivery_methods/sendmail.rb' before being used as a command line argument. This may allow a remote attacker to inject arbitrary shell commands. cvss_v2: 6.8 patched_versions: - ">= 2.2.15"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.1.2 | data/ruby-advisory-db/gems/mail/2011-0739.yml |