RubygemsResearch

Sha256: 7a690063a74885d90298d98bea56d3e1fb7a218b3238e9e4d1df97fa8c4c003f

Contents?: true

Size: 440 Bytes

Versions: 6

Compression:

Stored size: 440 Bytes

---
gem: curl
cve: 2013-1878
osvdb: 91230
url: http://osvdb.org/show/osvdb/91230
title: Curl Gem for Ruby URI Handling Arbitrary Command Injection 
date: 2013-03-12

description: Curl Gem for Ruby contains a flaw that is triggered during the handling of specially crafted input passed via the URL.  This may allow a context-dependent attacker to potentially execute arbitrary commands by injecting them via a semi-colon (;).

cvss_v2: 9.3

Version data entries

6 entries across 6 versions & 2 rubygems

Version	Path
mrjoy-bundler-audit-0.3.2	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
mrjoy-bundler-audit-0.3.1	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
bundler-audit-0.3.0	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
mrjoy-bundler-audit-0.2.1	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
bundler-audit-0.2.0	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
mrjoy-bundler-audit-0.1.4	data/ruby-advisory-db/gems/curl/OSVDB-91230.yml