ADVISORIES
GEM
SEVERITY
CVSS v2.0: 7.5 (High)
UNAFFECTED VERSIONS
- < 2.1.0pre1
PATCHED VERSIONS
- >= 2.1.1
DESCRIPTION
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors.
RELATED
- CVE-2006-2581 (NVD)
- GHSA-gvhx-gj42-m28v
- https://nvd.nist.gov/vuln/detail/CVE-2006-2582
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26664
- https://github.com/advisories/GHSA-wwmf-6p58-6vj2
- https://github.com/advisories/GHSA-gvhx-gj42-m28v
- https://rubygems.org/gems/rwiki
- https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
- https://web.archive.org/web/20090504061152/http://pub.cozmixng.org/~the-rwiki/rw-cgi.rb?cmd=view;name=top
- https://web.archive.org/web/20081201080215/http://secunia.com/advisories/20264
- https://web.archive.org/web/20090524010623/http://www.vupen.com/english/advisories/2006/1949