Sha256: c75b7860af35acc0f15d67e900679cf6829ba77c94a9d9efc69c9379d1b0473e
Contents?: true
Size: 494 Bytes
Versions: 1
Compression:
Stored size: 494 Bytes
Contents
--- gem: sfpagent cve: 2014-2888 osvdb: 105971 url: https://nvd.nist.gov/vuln/detail/CVE-2014-2888 title: sfpagent Gem for Ruby JSON[body] Module Name Remote Command Execution date: 2014-04-16 description: | sfpagent Gem for Ruby contains a flaw that is triggered as JSON[body] input is not properly sanitized when handling module names with shell metacharacters. This may allow a context-dependent attacker to execute arbitrary commands. cvss_v2: 7.5 patched_versions: - ">= 0.4.15"
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/sfpagent/CVE-2014-2888.yml |