GHSA-wwmf-6p58-6vj2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wwmf-6p58-6vj2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-wwmf-6p58-6vj2/GHSA-wwmf-6p58-6vj2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wwmf-6p58-6vj2
- Aliases
-
- CVE-2006-2582
- Published
- 2017-10-24T18:33:38Z
- Modified
- 2025-04-03T14:25:17Z
- Summary
- Remote code execution in rwiki
- Details
-
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors.
- Database specific
{ "cwe_ids": [], "github_reviewed": true, "github_reviewed_at": "2020-06-16T22:01:28Z", "nvd_published_at": "2006-05-25T10:02:00Z", "severity": "HIGH" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2006-2582
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26668
- https://github.com/advisories/GHSA-wwmf-6p58-6vj2
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rwiki/CVE-2006-2582.yml
- https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
- http://secunia.com/advisories/20264
- http://www.vupen.com/english/advisories/2006/1949
Affected packages
RubyGems / rwiki
Package
- Name
- rwiki
- Purl
- pkg:gem/rwiki