CVE-2017-2096
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in gem/smalruby
Identifiers
GHSA-f489-655r-x6gr, CVE-2017-2096
Package Slug
gem/smalruby
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
smalruby-editor v0.4.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Affected Versions
All versions before 0.1.11
Solution
Upgrade to version 0.1.11 or above.
Last Modified
2023-01-27
| source |