Sha256: b6e99d984fddfabbe04741febdea6f384a3c1fbf735bdb811490804d5d7bcac9

Contents?: true

Size: 482 Bytes

Versions: 5

Compression:

Stored size: 482 Bytes

Contents

--- 
gem: command_wrap
cve: 2013-1875
osvdb: 91450
url: http://osvdb.org/show/osvdb/91450
title: command_wrap Gem for Ruby URI Handling Arbitrary Command Injection
date: 2013-03-18
description: command_wrap Gem for Ruby contains a flaw that is triggered during the handling of input passed via the URL that contains a semicolon character (;). This will allow a remote attacker to inject arbitrary commands and have them executed in the context of the user clicking it.
cvss_v2: 7.5

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml