Curl Gem insufficient URL escaping command injection

🗓️ 24 Oct 2017 18:37:33Reported by GitHub Advisory DatabaseType

Curl Gem allows remote command executio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2013-2617	20 Mar 201322:00	–	cvelist
OSV	Curl Gem insufficient URL escaping command injection	24 Oct 201718:33	–	osv
Prion	Code injection	20 Mar 201322:55	–	prion
Prion	Design/Logic Flaw	20 Mar 201318:55	–	prion
CVE	CVE-2013-2617	20 Mar 201322:55	–	cve
CVE	CVE-2013-1878	20 Mar 201318:55	–	cve
NVD	CVE-2013-2617	20 Mar 201322:55	–	nvd
NVD	CVE-2013-1878	20 Mar 201318:55	–	nvd
RubySec	CVE-2013-2617 rubygem-curl: insufficient URL escaping command injection	11 Mar 201320:00	–	rubygems

Vulners

Node

curl curlRange≤0.0.9

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2013-2617
packetstormsecurity	www.packetstormsecurity.com/files/120778/Ruby-Gem-Curl-Command-Execution.html
seclists	www.seclists.org/fulldisclosure/2013/Mar/124
openwall	www.openwall.com/lists/oss-security/2013/03/19/9
github	www.github.com/rubysec/ruby-advisory-db/blob/master/gems/curl/CVE-2013-2617.yml
github	www.github.com/advisories/GHSA-hxx6-p24v-wg8c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Oct 2017 18:33Current

7.3High risk

Vulners AI Score7.3

CVSS27.5

EPSS0.01405

CWE-94