Vulnerabilities > Mark Burns > Ldoce > 0.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-03 | CVE-2013-1911 | Improper Input Validation vulnerability in Mark Burns Ldoce 0.0.2 lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name. | 6.8 |