Skip to main content

Sprout

1 CVEs product

Monthly

CVE-2013-6421 Ruby HIGH POC This Week

The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Sprout
NVD
CVSS 2.0
7.5
EPSS
1.2%
EPSS 1% CVSS 7.5
HIGH POC This Week

The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Sprout
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy