6 matches found
EUVD-2017-0181
Malware in sbrugna...
GHSA-9WCM-RRVH-QJC8 High severity vulnerability that affects colorscore
Withdrawn, accidental duplicate publish. The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...
GHSA-73QW-WW62-M54X colorscore Command Injection vulnerability
The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...
colorscore Command Injection vulnerability
The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...
Ruby colorscore gem arbitrary code execution vulnerability
Ruby is a cross-platform, object-oriented, dynamically-typed programming language developed by Japanese software developer Yukihiro Matsumoto. colorscore gem is one of the libraries used to distinguish colors. A security vulnerability exists in the 'initialize' method of the Histogram class in th...
CVE-2015-7541
The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...