GHSA-42gq-h7xj-33r4

Source

https://github.com/advisories/GHSA-42gq-h7xj-33r4

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-42gq-h7xj-33r4/GHSA-42gq-h7xj-33r4.json

Aliases

• CVE-2013-4318

Published

2022-05-05T00:29:11Z

Modified

2024-02-16T08:10:39.180666Z

Details

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.

References

• https://nvd.nist.gov/vuln/detail/CVE-2013-4318
• https://github.com/mhennemeyer/features
• https://github.com/rubysec/ruby-advisory-db/blob/master/gems/features/CVE-2013-4318.yml
• https://security-tracker.debian.org/tracker/CVE-2013-4318
• http://www.openwall.com/lists/oss-security/2013/09/09/10