RubySec

Providing security resources for the Ruby community

OSVDB-108579 (lynx): lynx Gem for Ruby lib/lynx/pipe/run.rb Remote Command Execution

ADVISORIES

GEM

lynx

PATCHED VERSIONS

None.

DESCRIPTION

lynx Gem for Ruby contains a flaw in lib/lynx/pipe/run.rb that may allow a remote attacker to execute arbitrary commands.

RELATED

Contact us @rubysec or open an issue on our GitHub repository.

Recent Advisories