Sha256: 3097e0f8f88aaea5e1732607ef40daff69e8d65bf00f7e04946d723f9a6e0135

Contents?: true

Size: 461 Bytes

Versions: 6

Compression:

Stored size: 461 Bytes

Contents

---
gem: wicked
cve: 2013-4413
osvdb: 98270
url: http://www.osvdb.org/show/osvdb/98270
title: Wicked Gem for Ruby contains a flaw
date: 2013-10-08
description: Wicked Gem for Ruby contains a flaw that is due to the program
  failing to properly sanitize input passed via the 'the_step' parameter
  upon submission to the render_redirect.rb script.
  This may allow a remote attacker to gain access to arbitrary files.
cvss_v2:
patched_versions: 
  - '>= 1.0.1'

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/wicked/OSVDB-98270.yml