Lucene search
Veracode Vulnerability DatabaseVERACODE:4043HistoryMay 02, 2017 - 1:44 a.m.
Arbitrary Command Execution
2017-05-0201:44:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.007 Low
EPSS
Percentile
80.5%
smalruby-editor is vulnerable to arbitrary OS command injection attacks. The vulnerability exists due to the improper input sanitization in the usage of Open3.capture3.
| CPE | Name | Operator | Version |
|---|---|---|---|
| smalruby-editor | le | 0.4.0 |
References
jvn.jp/en/jp/JVN50197114/index.html
smalruby.jp/blog/2017/01/14/smalruby-editor-0-4-1-has-been-released-english.html
www.securityfocus.com/bid/95775
github.com/smalruby/smalruby-editor/commit/5b5e7f2ec3808152c772197e0c4143fb507290d5
smalruby.jp/blog/2017/01/14/smalruby-editor-0-4-1-has-been-released-english.html
Related
cve
cve
CVE-2017-2096
2017-04-28 16:59:00
osv
osv
smalruby and smalruby-editor vulnerable to OS Command Injection
2022-05-13 01:16:27
CVE-2017-2096
2017-04-28 16:59:00
nvd
nvd
CVE-2017-2096
2017-04-28 16:59:00
github
github
smalruby and smalruby-editor vulnerable to OS Command Injection
2022-05-13 01:16:27
cvelist
cvelist
CVE-2017-2096
2017-04-28 16:00:00
jvn
jvn
JVN#50197114: smalruby-editor vulnerable to OS command injection
2017-01-24 00:00:00
prion
prion
Design/Logic Flaw
2017-04-28 16:59:00