Arbitrary Command Execution Affecting lynx package, versions >= 0
Snyk CVSS
Attack Complexity
High
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUBY-LYNX-20160
- published 29 Jun 2014
- disclosed 29 Jun 2014
- credit Unknown
Overview
lynx
is a command line wrapper for MySQL.
Affected versions of this gem are vulnerable to arbitrary command executions due to a flaw in lib/lynx/pipe/run.rb
.