Lucene search
GoogleOSV:GHSA-W248-XR37-JX8MHistoryOct 24, 2017 - 6:33 p.m.
fastreader Gem for Ruby URI Handling Arbitrary Command Injection
2017-10-2418:33:37
Google
osv.dev
6
EPSS
0.015
Percentile
86.9%
fastreader Gem for Ruby contains a flaw that is triggered during the handling of specially crafted input passed via a URL that contains a ‘;’ character. This may allow a context-dependent attacker to potentially execute arbitrary commands.
References
packetstormsecurity.com/files/120776/Ruby-Gem-Fastreader-1.0.8-Command-Execution.html
packetstormsecurity.com/files/120845/Ruby-Gem-Fastreader-1.0.8-Code-Execution.html
seclists.org/fulldisclosure/2013/Mar/122
www.openwall.com/lists/oss-security/2013/03/19/9
github.com/rubysec/ruby-advisory-db/blob/master/gems/fastreader/CVE-2013-2615.yml
nvd.nist.gov/vuln/detail/CVE-2013-2615
Related
cvelist
cvelist
CVE-2013-2615
2013-03-20 22:00:00
github
github
fastreader Gem for Ruby URI Handling Arbitrary Command Injection
2017-10-24 18:33:37
nvd
nvd
CVE-2013-2615
2013-03-20 22:55:01
CVE-2013-1876
2013-03-20 18:55:01
prion
prion
Code injection
2013-03-20 22:55:00
Design/Logic Flaw
2013-03-20 18:55:00
cve
cve
CVE-2013-2615
2013-03-20 22:55:01
CVE-2013-1876
2013-03-20 18:55:01
rubygems
rubygems
fastreader Gem for Ruby URI Handling Arbitrary Command Injection
2013-03-12 20:00:00