CVE-2020-8130

Опубликовано: 24 фев. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.9

CVSS3: 6.4

Описание

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |.

Релиз	Статус	Примечание
bionic	released	12.3.1-1ubuntu0.1
devel	not-affected	13.0.1-2
eoan	released	12.3.1-3ubuntu0.1
esm-infra-legacy/trusty	DNE
esm-infra/bionic	released	12.3.1-1ubuntu0.1
esm-infra/xenial	released	10.5.0-2ubuntu0.1
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE
upstream	released	12.3.3-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 33%

0.00128

Низкий

6.9 Medium

CVSS2

6.4 Medium

CVSS3

Связанные уязвимости

CVE-2020-8130

CVSS3: 6.4

redhat

больше 6 лет назад

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

CVE-2020-8130

CVSS3: 6.4

nvd

почти 6 лет назад

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

CVE-2020-8130

msrc

4 месяца назад

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

CVE-2020-8130

CVSS3: 6.4

debian

почти 6 лет назад

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 i ...

SUSE-SU-2022:3212-1

suse-cvrf

больше 3 лет назад

Security update for rubygem-rake

EPSS

Процентиль: 33%

0.00128

Низкий

6.9 Medium

CVSS2

6.4 Medium

CVSS3

CVE-2020-8130

Описание

Пакет rake

Ссылки на источники

Связанные уязвимости