Lucene search
K

25 matches found

Positive Technologies
Positive Technologies
added 2019/08/16 12:0 a.m.17 views

PT-2019-4784

Name of the Vulnerable Software and Affected Versions Nokogiri versions 1.10.3 and earlier Rexical versions 1.0.6 and earlier Description A command injection issue allows commands to be executed in a subprocess via Ruby's Kernel.open method. This occurs when the undocumented method...

10CVSS7AI score0.64284EPSS
Exploits18References195
Tenable Nessus
Tenable Nessus
added 2019/08/14 12:0 a.m.36 views

FreeBSD : Nokogiri -- injection vulnerability (0569146e-bdef-11e9-bd31-8de4a4470bbb)

Nokogiri GitHub release : A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS8.1AI score0.05899EPSS
Exploits0References4
RubySec
RubySec
added 2019/08/11 12:0 a.m.23 views

Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input. This vulnerability appears...

9.8CVSS3.2AI score0.05899EPSS
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2019/08/11 12:0 a.m.31 views

Nokogiri -- injection vulnerability

Nokogiri GitHub release: A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS2.9AI score0.05899EPSS
Exploits0References2
RubySec
RubySec
added 2019/08/11 12:0 a.m.24 views

Rexical Command Injection Vulnerability

A command injection vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. It allows commands to be executed in a subprocess by Ruby's Kernel.open method...

9.8CVSS5.4AI score0.05899EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder