Advisory Database
  • Advisories
  • Dependency Scanning
  1. gem
  2. ›
  3. curl
  4. ›
  5. CVE-2013-2617

CVE-2013-2617: Remote command execution

March 20, 2013 (updated March 21, 2013)

Specially crafted URLs can result in remote code execution.

References

  • vapid.dhs.org/advisories/curl-ruby-gem-remote-exec.html
  • www.osvdb.org/show/osvdb/91230

Detect and mitigate CVE-2013-2617 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →

Affected versions

All versions up to 0.0.9

Impact 7.5 HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Learn more about CVSS

Weakness

  • CWE-94: Improper Control of Generation of Code ('Code Injection')

Source file

gem/curl/CVE-2013-2617.yml

Spotted a mistake? Edit the file on GitLab.

  • Site Repo
  • About GitLab
  • Terms
  • Privacy Statement
  • Contact

Page generated Sat, 23 Nov 2024 00:15:51 +0000.