Vulnerabilities > Projectsprouts > Sprout > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-12 | CVE-2013-6421 | Code Injection vulnerability in Projectsprouts Sprout 0.7.246 The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path. | 7.5 |