25 matches found
PT-2019-4784
Name of the Vulnerable Software and Affected Versions Nokogiri versions 1.10.3 and earlier Rexical versions 1.0.6 and earlier Description A command injection issue allows commands to be executed in a subprocess via Ruby's Kernel.open method. This occurs when the undocumented method...
FreeBSD : Nokogiri -- injection vulnerability (0569146e-bdef-11e9-bd31-8de4a4470bbb)
Nokogiri GitHub release : A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...
Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input. This vulnerability appears...
Nokogiri -- injection vulnerability
Nokogiri GitHub release: A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...
Rexical Command Injection Vulnerability
A command injection vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. It allows commands to be executed in a subprocess by Ruby's Kernel.open method...