GHSA-gwrj-88fp-5m36

Source
https://github.com/advisories/GHSA-gwrj-88fp-5m36
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-gwrj-88fp-5m36/GHSA-gwrj-88fp-5m36.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-gwrj-88fp-5m36
Aliases
  • CVE-2021-35514
Published
2021-07-02T18:36:01Z
Modified
2023-11-08T04:06:10.193384Z
Severity
  • 8.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Summary
Code injection in Narou
Details

Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel.

Database specific
{
    "nvd_published_at": "2021-06-28T12:15:00Z",
    "github_reviewed_at": "2021-06-30T17:42:19Z",
    "severity": "HIGH",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-94"
    ]
}
References

Affected packages

RubyGems / narou

Package

Name
narou
Purl
pkg:gem/narou

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.8.0

Affected versions

1.*

1.0.0
1.0.1
1.0.2
1.1.0.rc1
1.1.0.rc2
1.1.0
1.1.1
1.1.2
1.1.2.1
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5.rc1
1.2.5.rc2
1.2.5
1.2.5.1
1.2.6
1.2.7
1.2.8
1.2.9.rc1
1.2.9
1.3.0
1.3.0.1
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.5.1
1.4.0
1.4.1
1.4.1.1
1.4.2.rc1
1.4.2.rc2
1.4.3
1.4.4
1.4.5
1.4.6
1.5.0
1.5.0.1
1.5.0.2
1.5.1
1.5.2
1.5.2.1
1.5.3
1.5.4
1.5.5
1.5.5.1
1.5.6
1.5.6.1
1.5.7
1.5.7.1
1.5.8
1.5.9
1.5.10
1.5.10.1
1.5.11
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.7.0
1.7.1
1.7.2

2.*

2.0.0
2.0.1
2.0.2
2.1.0
2.1.1.pre.test1
2.2.0
2.3.0.pre.test1
2.3.0
2.3.1
2.3.2
2.3.3
2.4.0
2.4.1
2.4.2
2.5.1
2.5.2
2.6.0
2.6.1
2.7.0
2.7.1
2.7.2
2.8.0
2.8.1
2.8.2
2.8.3
2.8.3.1
2.9.0
2.9.1
2.9.2
2.9.3
2.9.3.1
2.9.4
2.9.5

3.*

3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.5.1
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.1.11
3.2.0
3.2.0.1
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.5.1
3.3.0
3.3.1
3.3.2
3.4.0
3.4.1
3.4.2
3.4.3
3.4.5
3.4.6
3.4.6.1
3.4.7
3.4.7.1
3.4.8
3.5.0
3.5.0.1
3.5.1
3.6.0
3.7.0
3.7.1
3.7.2