CVE-2013-2617

Опубликовано: 12 мар. 2013

Источник: redhat

CVSS2: 7.5

Описание

lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Статус:

Critical

Дефект:

CWE-78

https://bugzilla.redhat.com/show_bug.cgi?id=924240rubygem-curl: insufficient URL escaping command injection

7.5 High

CVSS2

CVE-2013-2617

nvd

почти 13 лет назад

lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

GHSA-hxx6-p24v-wg8c

github

больше 8 лет назад

Curl Gem insufficient URL escaping command injection

7.5 High

CVSS2