CVE-2017-10784
CVSS v3.0
8.8 (High)
CVSS v2.0
9.3 (High)
EPSS
0.83 % (82th)
Affected Products
1
Advisories
16
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.
Weaknesses
- CWE-287
- Improper Authentication
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2017-09-19 17:29:00
(7 years ago) - Updated Date
-
2018-10-31 10:29:04
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...