RubygemsResearch

Sha256: 5e35b1a086716f52f9ca3fc4a13ced552598707cfd4ac5e53798d09635436bc9

Contents?: true

Size: 505 Bytes

Versions: 9

Compression:

Stored size: 505 Bytes

---
gem: mini_magick
cve: 2013-2616
osvdb: 91231
url: http://osvdb.org/show/osvdb/91231
title: MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection
date: 2013-03-12

description: MiniMagick Gem for Ruby contains a flaw that is triggered during the handling of specially crafted input from an untrusted source passed via a URL that contains a ';' character. This may allow a context-dependent attacker to potentially execute arbitrary commands.

cvss_v2: 9.3

patched_versions:
  - ">= 3.6.0"

Version data entries

9 entries across 9 versions & 2 rubygems

Version	Path
bundler-audit-0.4.0	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.3.1	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
mrjoy-bundler-audit-0.3.3	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
mrjoy-bundler-audit-0.3.2	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
mrjoy-bundler-audit-0.3.1	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.3.0	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
mrjoy-bundler-audit-0.2.1	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
bundler-audit-0.2.0	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
mrjoy-bundler-audit-0.1.4	data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml