ADVISORIES
GEM
SEVERITY
CVSS v3.x: 8.1 (High)
CVSS v2.0: 9.3 (High)
PATCHED VERSIONS
- >= 12.3.3
DESCRIPTION
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in
Rake::FileList when supplying a filename that begins with the pipe character
|.