3 matches found
PT-2026-48707
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0496 Description A code injection issue exists in the s:stepmatch function within the cucumber filetype plugin runtime/ftplugin/cucumber.vim for builds with +ruby support. Step-definition patterns read from .rb files ...
Awesome spawn 操作系统命令注入漏洞
Awesome spawn is an open source module from ManageIQ in the US. It provides some useful features on Ruby's Kernel.spawn. A security vulnerability exists in Awesome spawn that stems from the fact that it allows the execution of other commands passed as arguments to Awesome spawn. An attacker can...
[SECURITY] [DLA 1933-1] ruby-nokogiri security update
Package : ruby-nokogiri Version : 1.6.3.1+ds-1+deb8u1 CVE ID : CVE-2019-5477 A command injection vulnerability in Nokogiri allows commands to be executed in a subprocess by Rubys Kernel.open method. For Debian 8 "Jessie", this problem has been fixed in version 1.6.3.1+ds-1+deb8u1. We recommend th...