An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-06-17T19:02:14

Updated: 2024-08-04T21:17:30.583Z

Reserved: 2019-02-13T00:00:00

Link: CVE-2019-8322

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-17T20:15:10.353

Modified: 2024-11-21T04:49:41.410

Link: CVE-2019-8322

cve-icon Redhat

Severity : Low

Publid Date: 2019-03-05T00:00:00Z

Links: CVE-2019-8322 - Bugzilla