Lucene search
GoogleOSV:GHSA-C5R5-7PFH-6QG6HistoryFeb 14, 2020 - 11:10 p.m.
BibTeX-Ruby vulnerable to OS command injection
2020-02-1423:10:01
Google
osv.dev
7
EPSS
0.005
Percentile
75.8%
BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.
References
github.com/advisories/GHSA-c5r5-7pfh-6qg6
github.com/inukshuk/bibtex-ruby
github.com/inukshuk/bibtex-ruby/commit/14406f4460f4e1ecabd25ca94f809b3ea7c5fb11
github.com/rubysec/ruby-advisory-db/blob/master/gems/bibtex-ruby/CVE-2019-10780.yml
nvd.nist.gov/vuln/detail/CVE-2019-10780
snyk.io/vuln/SNYK-RUBY-BIBTEXRUBY-542602
Related
prion
prion
Command injection
2020-01-22 14:15:00
rubygems
rubygems
OS command injection in BibTeX-Ruby
2020-02-13 21:00:00
cve
cve
CVE-2019-10780
2020-01-22 14:15:11
osv
osv
CVE-2019-10780
2020-01-22 14:15:11
github
github
BibTeX-Ruby vulnerable to OS command injection
2020-02-14 23:10:01
veracode
veracode
OS Command Injection
2020-01-23 02:32:14
cvelist
cvelist
CVE-2019-10780
2020-01-22 13:30:47
nvd
nvd
CVE-2019-10780
2020-01-22 14:15:11