CVE-2014-0156
N/A
N/A
Summary
Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, attacker could use this flaw to execute arbitrary command.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | awesome_spawn | >1.20, >= 1.30 | affected |
Weaknesses
- CWE-78: CWE-78
ADP Enrichment
CVE Program Container
Additional References
- https://rubysec.com/advisories/CVE-2014-0156/
- https://github.com/ManageIQ/awesome_spawn/commit/e524f85f1c6e292ef7d117d7818521307ac269ff
References
- https://rubysec.com/advisories/CVE-2014-0156/
- https://github.com/ManageIQ/awesome_spawn/commit/e524f85f1c6e292ef7d117d7818521307ac269ff
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.