Sha256: 97b2cf18172936e461eab056836e4a43b9466990676016ed70e0448658fbf39b
Contents?: true
Size: 442 Bytes
Versions: 2
Compression:
Stored size: 442 Bytes
Contents
--- gem: sfpagent cve: osvdb: 105971 url: http://www.osvdb.org/show/osvdb/105971 title: sfpagent Gem for Ruby Remote Command Injection date: 2014-04-16 description: sfpagent Gem for Ruby contains a flaw that is triggered as JSON[body] input is not properly sanitized when handling module names with shell metacharacters. This may allow a context-dependent attacker to execute arbitrary commands. cvss_v2: patched_versions: - ">= 0.4.15"
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.4.0 | data/ruby-advisory-db/gems/sfpagent/OSVDB-105971.yml |
| bundler-audit-0.3.1 | data/ruby-advisory-db/gems/sfpagent/OSVDB-105971.yml |