OSVDB-101577: Arbitrary Command Execution

December 31, 2013

The package flukso4r contains a flaw in /lib/flukso/R.rb that is due to the application failing to properly validate user-supplied input. This may allow a context-dependent attacker to execute arbitrary commands.

References

osvdb.org/show/osvdb/101577

Code Behaviors & Features

Detect and mitigate OSVDB-101577 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →