mailing list archives
Vulnerability Reported in my Ruby Gem
From: richard schneeman <richard.schneeman () gmail com>
Date: Tue, 8 Oct 2013 12:21:55 -0500
I'm interested in creating a CVE for this issue and came to this mailing
list from this link:
I maintain the ruby gem 'wicked' (roughly 100k downloads). A vulnerability
has been reported allowing an attacker to read arbitrary files on a system.
All previously released versions are vulnerable. Version 1.0.1 has been
released with the problem patched.
Email: richard.schneeman () gmail com
Software Name: Wicked gem
Commit of fix:
Please let me know if you need more information or if this is the wrong
forum for this type of a request
- Vulnerability Reported in my Ruby Gem richard schneeman (Oct 08)