CVE-2011-0739: Improper Input Validation
(updated )
The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.
References
Detect and mitigate CVE-2011-0739 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →