CVE-2019-8321

Publication date

2019-06-17 19:02:34

Family

mitre

State

PUBLISHED

Description

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.