Sha256: 849ef21b7bccad77f14536ab350fee6373a306f6162c74f9876650d00eb8eecf

Contents?: true

Size: 520 Bytes

Versions: 8

Compression:

Stored size: 520 Bytes

Contents

---
gem: gitlab-grit
cve: 2013-4489
osvdb: 99370
url: http://www.osvdb.org/show/osvdb/99370
title: GitLab Grit Gem for Ruby contains a flaw
date: 2013-11-04
description: GitLab Grit Gem for Ruby contains a flaw in the app/contexts/search_context.rb script.
  The issue is triggered when input passed via the code search box is not properly sanitized,
  which allows strings to be evaluated by the Bourne shell. This may allow a remote attacker to
  execute arbitrary commands.
cvss_v2:
patched_versions: 
  - '>= 2.6.1'

Version data entries

8 entries across 8 versions & 3 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/gitlab-grit/OSVDB-99370.yml