Sha256: 5b2f3b92f31539c399c341549050c521414aa58f6f7bc4fb047b60c849a00766

Contents?: true

Size: 452 Bytes

Versions: 3

Compression:

Stored size: 452 Bytes

Contents

---
gem: echor
osvdb: 102129
url: http://osvdb.org/show/osvdb/102129
title: Echor Gem for Ruby contains a flaw
date: 2014-01-14
description: Echor Gem for Ruby contains a flaw in backplane.rb in the perform_request function that is triggered when
  a semi-colon (;) is injected into a username or password. This may allow a context-dependent attacker to inject
  arbitrary commands if the gem is used in a rails application.
cvss_v2:
patched_versions:

Version data entries

3 entries across 3 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/echor/OSVDB-102129.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/echor/OSVDB-102129.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/echor/OSVDB-102129.yml