CVE-2014-4994 (gyazo): gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

June 30th, 2014

ADVISORIES

CVE-2014-4994 (NVD)
OSVDB-108563

GEM

PATCHED VERSIONS

>= 2.0.0

DESCRIPTION

gyazo Gem for Ruby contains a flaw in client.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.

RubySec

CVE-2014-4994 (gyazo): gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

ADVISORIES

GEM

PATCHED VERSIONS

DESCRIPTION

Recent Advisories