GHSA-wwmf-6p58-6vj2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wwmf-6p58-6vj2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-wwmf-6p58-6vj2/GHSA-wwmf-6p58-6vj2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wwmf-6p58-6vj2
- Aliases
-
- CVE-2006-2582
- Published
- 2017-10-24T18:33:38Z
- Modified
- 2023-11-08T03:56:46.725585Z
- Summary
- Remote code execution in rwiki
- Details
-
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors.
- Database specific
{ "nvd_published_at": "2006-05-25T10:02:00Z", "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2020-06-16T22:01:28Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2006-2582
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26668
- https://github.com/advisories/GHSA-wwmf-6p58-6vj2
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rwiki/CVE-2006-2582.yml
- https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
- http://secunia.com/advisories/20264
- http://www.vupen.com/english/advisories/2006/1949
Affected packages
RubyGems / rwiki
Package
- Name
- rwiki
- Purl
- pkg:gem/rwiki