Sha256: 2d0b00bbbc94314c77a9877019a7ab45a6a326622f3183df392f7bc56851bbc8

Contents?: true

Size: 550 Bytes

Versions: 6

Compression:

Stored size: 550 Bytes

Contents

---
engine: ruby
cve: 2013-2065
osvdb: 93414
url: http://www.osvdb.org/show/osvdb/93414
title: |
  Ruby Multiple Module Object $SAFE Level Verification System Call Tainted
  String Injection
date: 2013-05-14
description: |
  Ruby contains a flaw that is triggered when the Fiddle and DL modules fail to
  properly verify the $SAFE level when handling certain objects. This may allow
  a remote attacker to inject tainted strings into a system call.
cvss_v2: 6.4
unaffected_versions:
  - ~> 1.8.0
patched_versions:
  - ~> 1.9.3.426
  - ">= 2.0.0.195"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/rubies/ruby/CVE-2013-2065.yml
bundler-budit-0.6.2 data/ruby-advisory-db/rubies/ruby/OSVDB-93414.yml
bundler-budit-0.6.1 data/ruby-advisory-db/rubies/ruby/OSVDB-93414.yml
bundler-audit-0.6.1 data/ruby-advisory-db/rubies/ruby/OSVDB-93414.yml
bundler-audit-0.6.0 data/ruby-advisory-db/rubies/ruby/OSVDB-93414.yml
bundler-audit-0.5.0 data/ruby-advisory-db/rubies/ruby/OSVDB-93414.yml