CVE-2013-6421
The CVE-2013-6421 entry concerns the sprout Ruby gem (archive_unpacker.rb, unpack_zip) in version 0.7.246. The vulnerability allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path, due to insufficient sanitization of inputs (zip_fil...