Sha256: c209357f3517b46b5e45f63be3077d9d6ed39d8edc3e78bd48e2acf012aeca8a
Contents?: true
Size: 469 Bytes
Versions: 1
Compression:
Stored size: 469 Bytes
Contents
--- gem: slanger cve: 2019-1010306 ghsa: rg32-m3hf-772v url: https://github.com/stevegraham/slanger/pull/238 date: 2019-07-16 title: Arbitrary command execution in slanger description: | A remote attacker can execute arbitrary commands by sending a crafted request to the server. This is due to the use of `Oj.load` instead of `Oj.strict_load` when processing messages. Note that `slanger` is no longer maintained. patched_versions: - ">= 0.6.1" cvss_v3: 9.8
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/slanger/CVE-2019-1010306.yml |