Sha256: e8d5af153d4ebd9de0c944579ec3c0636bb45e4830ef40befc72419c2bdb6d7a
Contents?: true
Size: 531 Bytes
Versions: 1
Compression:
Stored size: 531 Bytes
Contents
--- gem: cremefraiche cve: 2013-2090 osvdb: 93395 url: https://nvd.nist.gov/vuln/detail/CVE-2013-2090 title: Creme Fraiche Gem for Ruby File Name Shell Metacharacter Injection Arbitrary Command Execution date: 2013-05-14 description: Creme Fraiche Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input in file names. With a specially crafted file name that contains shell metacharacters, a context-dependent attacker can execute arbitrary commands cvss_v2: 9.3 patched_versions: - ">= 0.6.1"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/cremefraiche/CVE-2013-2090.yml |