Sha256: a7182eba6a0cf1a301883711baa60242fb8057305a82ef4e62745871439f62a5

Contents?: true

Size: 531 Bytes

Versions: 5

Compression:

Stored size: 531 Bytes

Contents

---
gem: rgpg
cve: 2013-4203
osvdb: 95948
url: http://www.osvdb.org/show/osvdb/95948
title: rgpg Gem for Ruby lib/rgpg/gpg_helper.rb Remote Command Execution
date: 2013-08-02
description: |
  rgpg Gem for Ruby contains a flaw in the GpgHelper module
  (lib/rgpg/gpg_helper.rb). The issue is due to the program failing to properly
  sanitize user-supplied input before being used in the system() function for
  execution. This may allow a remote attacker to execute arbitrary commands.
cvss_v2: 7.5
patched_versions:
  - ">= 0.2.3"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml