CVE-2019-8322
CVSS v3.1
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.20 % (59th)
Affected Products
3
Advisories
17
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
Weaknesses
- CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2019-06-17 20:15:10
(5 years ago) - Updated Date
-
2020-08-19 19:00:21
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...