CVE-2013-4203
rgpg < 0.2.3 - Remote Code Execution via Shell Metacharacters in gpg_helper.rb
Title source: llmDescription
The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem before 0.2.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/08/03/2
Exploit, Patch x_refsource_confirm
https://github.com/rcook/rgpg/commit/b819b13d198495f3ecd2762a0dbe27bb6fae3505
Scores
EPSS
0.0142
EPSS Percentile
80.8%
Details
CWE
CWE-94
Status
published
Products (4)
richard_cook/rgpg
0.2.0
richard_cook/rgpg
0.2.1
richard_cook/rgpg
< 0.2.2
rubygems/rgpg
0 - 0.2.3RubyGems
Published
Oct 11, 2013
Tracked Since
Feb 18, 2026