CVE-2011-0739: Improper Input Validation

February 2, 2011 (updated August 17, 2017)

The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.

References

nvd.nist.gov/vuln/detail/CVE-2011-0739

Code Behaviors & Features

Detect and mitigate CVE-2011-0739 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →