Lucene search
GitHub Advisory DatabaseGHSA-HGMW-X865-HF9XHistoryOct 24, 2017 - 6:33 p.m.
Arabic Prawn allows remote attackers to execute arbitrary commands via shell metacharacters
2017-10-2418:33:36
GitHub Advisory Database
github.com
15
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
89.4%
lib/string_utf_support.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) downloaded_file or (2) url variable.
| CPE | Name | Operator | Version |
|---|---|---|---|
| arabic-prawn | le | 0.0.1 |
Related
packetstorm
packetstorm
Ruby Gem Arabic Prawn 0.0.1 Command Injection
2014-03-12 00:00:00
zdt
zdt
Ruby Gem Arabic Prawn 0.0.1 Command Injection Vulnerability
2014-03-13 00:00:00
cve
cve
CVE-2014-2322
2014-05-02 14:55:00
prion
prion
Code injection
2014-05-02 14:55:00
osv
osv
gitlab
gitlab
Remote Command Injection
2014-05-02 00:00:00
securityvulns
securityvulns
Different Ruby gems security vulnerabilities
2014-05-04 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
89.4%
Related for GHSA-HGMW-X865-HF9X