FlavourSaver handlebars helper remote code execution.
Published: September 04, 2014
SECURITY IDENTIFIERS
- OSVDB: OSVDB-110796
- Vendor Advisory: https://security.snyk.io/vuln/SNYK-RUBY-FLAVOURSAVER-5457859
GEM
PATCHED VERSIONS
>= 0.3.3
DESCRIPTION
FlavourSaver contains a flaw in helper method dispatch where it uses Kernel::send to call helpers without checking that they are defined within the template context first. This allows expressions such as {{system "ls"}} or {{eval "puts 1 + 1"}} to be executed.
RELATED
- https://github.com/FlavourSaver/FlavourSaver/compare/v0.3.2...v0.3.3
- https://github.com/FlavourSaver/FlavourSaver/commit/04a8ff444a9a9668a75b01b20b4974d398087a64
- https://raw.githubusercontent.com/codesake/codesake-dawn/master/Roadmap.md
- https://github.com/slowmistio/dawnscanner-analysis-security-scanner-for-ruby-/blob/master/Roadmap.md
- https://security.snyk.io/vuln/SNYK-RUBY-FLAVOURSAVER-5457859
- http://osvdb.org/show/osvdb/110796