5 matches found
CVE-2013-2617
lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...
CVE-2013-2617
lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...
CVE-2013-2617
The CVE-2013-2617 issue affects the Ruby Curl Gem (lib/curl.rb). The vulnerability allows remote attackers to execute arbitrary commands by supplying a URL containing shell metacharacters, due to insufficient URL escaping. This is documented in multiple sources (RubyGems advisory for CVE-2013-261...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2617. Reason: This candidate is a duplicate of CVE-2013-2617. Notes: All CVE users should reference CVE-2013-2617 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2013-2617 rubygem-curl: insufficient URL escaping command injection
lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...