Lucene search
GoogleOSV:GHSA-F489-655R-X6GRHistoryMay 13, 2022 - 1:16 a.m.
smalruby and smalruby-editor vulnerable to OS Command Injection
2022-05-1301:16:27
Google
osv.dev
3
0.007 Low
EPSS
Percentile
80.5%
smalruby-editor prior to 0.4.1 and smalruby prior to 0.1.11 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| smalruby | eq | 0.0.12 | |
| smalruby | eq | 0.1.2 | |
| smalruby-editor | eq | 0.2.1 | |
| smalruby-editor | eq | 0.3.2 | |
| smalruby | eq | 0.0.22 | |
| smalruby-editor | eq | 0.2.7 | |
| smalruby | eq | 0.0.10 | |
| smalruby | eq | 0.0.24 | |
| smalruby-editor | eq | 0.0.4 | |
| smalruby | eq | 0.0.1 |
References
jvn.jp/en/jp/JVN50197114/index.html
smalruby.jp/blog/2017/01/14/smalruby-editor-0-4-1-has-been-released-english.html
github.com/rubysec/ruby-advisory-db/blob/master/gems/smalruby/CVE-2017-2096.yml
github.com/smalruby/smalruby-editor
nvd.nist.gov/vuln/detail/CVE-2017-2096
web.archive.org/web/20200227194312/www.securityfocus.com/bid/95775
Related
cve
cve
CVE-2017-2096
2017-04-28 16:59:00
osv
osv
CVE-2017-2096
2017-04-28 16:59:00
nvd
nvd
CVE-2017-2096
2017-04-28 16:59:00
github
github
smalruby and smalruby-editor vulnerable to OS Command Injection
2022-05-13 01:16:27
veracode
veracode
Arbitrary Command Execution
2017-05-02 01:44:38
cvelist
cvelist
CVE-2017-2096
2017-04-28 16:00:00
jvn
jvn
JVN#50197114: smalruby-editor vulnerable to OS command injection
2017-01-24 00:00:00
prion
prion
Design/Logic Flaw
2017-04-28 16:59:00