CVE-2014-2888
The sfpagent Ruby gem (version prior to 0.4.15) is affected by CVE-2014-2888: a remote command-injection flaw where a JSON request’s module name can include shell metacharacters, allowing an attacker to execute arbitrary commands on the target. Descriptions across NVD, GHSA, RubySec, and related ...