Sha256: 835bc0d0e42eca19b5a0d0a4a87fa5abd5eb8dba25ecf31c4ff2b531af4aafb1

Contents?: true

Size: 440 Bytes

Versions: 3

Compression:

Stored size: 440 Bytes

Contents

---
gem: curl
cve: 2013-1878
osvdb: 91230
url: http://osvdb.org/show/osvdb/91230
title: Curl Gem for Ruby URI Handling Arbitrary Command Injection 
date: 2013-03-12

description: Curl Gem for Ruby contains a flaw that is triggered during the handling of specially crafted input passed via the URL.  This may allow a context-dependent attacker to potentially execute arbitrary commands by injecting them via a semi-colon (;).

cvss_v2: 7.5

Version data entries

3 entries across 3 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/curl/OSVDB-91230.yml