Sha256: 5c08f25deb1738af3faf249f276da96b7c0ce8be404a9ff1424630ff97857136

Contents?: true

Size: 553 Bytes

Versions: 6

Compression:

Stored size: 553 Bytes

Contents

--- 
gem: redis-namespace
osvdb: 96425
url: http://blog.steveklabnik.com/posts/2013-08-03-redis-namespace-1-3-1--security-release
title: redis-namespace Gem for Ruby contains a flaw in the method_missing implementation
date: 2013-08-03
description: |
  redis-namespace Gem for Ruby contains a flaw in the method_missing implementation.
  The issue is triggered when handling exec commands called via send(). This may allow a
  remote attacker to execute arbitrary commands.
patched_versions: 
  - ">= 1.3.1"
  - "~> 1.2.2"
  - "~> 1.1.1"
  - "~> 1.0.4"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/redis-namespace/OSVDB-96425.yml