3 matches found
ruby4.0-rubygem-thor-1.4.0-1.3 on GA media (moderate)
ruby4.0-rubygem-thor-1.4.0-1.3 on GA media Announcement ID: openSUSE-SU-2026:10366-1 Rating: moderate Cross-References: CVE-2025-54314 CVSS scores: CVE-2025-54314 SUSE : 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N CVE-2025-54314 SUSE : 2...
OPENSUSE-SU-2026:10366-1 ruby4.0-rubygem-thor-1.4.0-1.3 on GA media
These are all security issues fixed in the ruby4.0-rubygem-thor-1.4.0-1.3 package on the GA media of openSUSE Tumbleweed...
thor ruby gem command injection vulnerability
The thor ruby gem is a toolkit for building command-line applications. A command injection vulnerability exists in the thor ruby gem, which stems from the use of the open-uri 'open' function in Thor::Actionsget. An attacker could exploit this vulnerability to execute system commands...