RSS   Vulnerabilities for 'Sprout'   RSS

2013-12-12
 
CVE-2013-6421

CWE-94
 

 
The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path.

 


Copyright 2024, cxsecurity.com

 

Back to Top