ADVISORIES
- CVE-2014-1834 (NVD)
- OSVDB-102129
GEM
PATCHED VERSIONS
None.
DESCRIPTION
Echor Gem for Ruby contains a flaw in backplane.rb in the perform_request function that is triggered when a semi-colon (;) is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a rails application.