Home page logo

oss-sec logo oss-sec mailing list archives

Vulnerability Reported in my Ruby Gem
From: richard schneeman <richard.schneeman () gmail com>
Date: Tue, 8 Oct 2013 12:21:55 -0500

I'm interested in creating a CVE for this issue and came to this mailing
list from this link:

I maintain the ruby gem 'wicked' (roughly 100k downloads). A vulnerability
has been reported allowing an attacker to read arbitrary files on a system.

All previously released versions are vulnerable. Version 1.0.1 has been
released with the problem patched.

Email: richard.schneeman () gmail com
Software Name: Wicked gem

Commit of fix:

Please let me know if you need more information or if this is the wrong
forum for this type of a request

Richard Schneeman

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]