42 matches found
EUVD-2017-0304
Malware in sbrugna...
EUVD-2017-0220
Malware in sbrugna...
EUVD-2017-0219
Malware in sbrugna...
EUVD-2017-0290
Malware in sbrugna...
SUSE CVE-2011-0739
The deliver function in the sendmail delivery agent lib/mail/network/deliverymethods/sendmail.rb in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address...
SUSE CVE-2012-2140
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
SUSE CVE-2012-2139
Directory traversal vulnerability in lib/mail/network/deliverymethods/filedelivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. dot dot in the to parameter...
SUSE CVE-2015-9097
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
Advisory ROSA-SA-2021-1966
Software: ruby 2.0.0.648 OS: Cobalt 7.9 CVE-ID: CVE-2012-6684 CVE-Crit: MEDIUM CVE-DESC: A cross-site scripting XSS vulnerability in the RedCloth 4.2.9 library for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI. CVE-STATUS: default CVE-REV:...
Ruby mail gem command injection vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. mail gem is one of the e-mail processing libraries. A command injection vulnerability exists in Ruby mail gem versions prior to 2.5.5. The vulnerability c...
GHSA-CPJC-P7FC-J9XH Mail Improper Input Validation vulnerability
The deliver function in the sendmail delivery agent lib/mail/network/deliverymethods/sendmail.rb in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address...
Mail Gem Path Traversal vulnerability
Directory traversal vulnerability in lib/mail/network/deliverymethods/filedelivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. dot dot in the to parameter...
Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
GHSA-RP63-JFMW-532W Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
GHSA-CJ92-C4FJ-W9C5 Mail Gem Path Traversal vulnerability
Directory traversal vulnerability in lib/mail/network/deliverymethods/filedelivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. dot dot in the to parameter...
Mail Gem CRLF Injection vulnerability
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
GHSA-Q86F-FMQF-QRF6 Mail Gem CRLF Injection vulnerability
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
CVE-2015-9097
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
DEBIAN-CVE-2015-9097
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
CVE-2015-9097
The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...