Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-1947
ruby
gem
security
cve-2013-1947
command execution
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.6%
kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb.
Affected configurations
Node
kelly_d._reddingkelredd-pruviewMatch0.3.8
ruby-langruby
| CPE | Name | Operator | Version |
|---|---|---|---|
| kelly_d._redding:kelredd-pruview | kelly d. redding kelredd-pruview | eq | 0.3.8 |
Related
nvd
nvd
CVE-2013-1947
2013-04-25 23:55:01
cvelist
cvelist
CVE-2013-1947
2022-10-03 16:14:49
prion
prion
Code injection
2013-04-25 23:55:00
github
github
Shell Metacharacter Injection in kelredd-pruview
2017-10-24 18:33:37
seebug
seebug
RubyGems kelredd-pruview多个远程命令注入漏洞
2013-04-16 00:00:00
osv
osv
Shell Metacharacter Injection in kelredd-pruview
2017-10-24 18:33:37
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.6%
Related for CVE-2013-1947