RubySec

Providing security resources for the Ruby community

CVE-2013-2095 (openshift-origin-controller): RubyGem openshift-origin-controller is vulnerable to command injection

ADVISORIES

GEM

openshift-origin-controller

SEVERITY

CVSS v3.x: 9.8 (Critical)

CVSS v2.0: 7.5 (High)

PATCHED VERSIONS

None.

DESCRIPTION

'rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection'

RELATED