Security Advisory

CVE-2013-6421

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-12-12 18:00:00

Last updated 2024-08-06 17:39:01

Assigner redhat

State PUBLISHED

Description

The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path.

← Browse all CVEs View on cve.org ↗