Lucene search
RubySecRUBY:COCAINE-2013-4457-98835HistoryOct 21, 2013 - 8:00 p.m.
Cocaine Gem for Ruby contains a flaw
2013-10-2120:00:00
RubySec
nvd.nist.gov
19
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
70.3%
Cocaine Gem for Ruby contains a flaw that is due to the method of variable
interpolation used by the program. With a specially crafted object, a context-dependent
attacker can execute arbitrary commands.
Affected configurations
Node
rubycocaineRange≤0.5.3
References
Related
cvelist
cvelist
CVE-2013-4457
2013-11-02 18:00:00
osv
osv
Cocaine Gem OS Command Injection vulnerability
2017-10-24 18:33:37
prion
prion
Design/Logic Flaw
2013-11-02 18:55:00
cve
cve
CVE-2013-4457
2013-11-02 18:55:03
github
github
Cocaine Gem OS Command Injection vulnerability
2017-10-24 18:33:37
nvd
nvd
CVE-2013-4457
2013-11-02 18:55:03
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
70.3%
Related for RUBY:COCAINE-2013-4457-98835