cve/2019/CVE-2019-8325.md
2024-05-26 14:27:05 +02:00

659 B

CVE-2019-8325

Description

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)

POC

Reference

No PoCs from references.

Github