MidnightBSD

Advisories for webbynode

CVE-2013-7086 HIGH

The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growlnotify message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
webbynode webbynode *
webbynode webbynode 1.0.5
webbynode webbynode 1.0.5.1
webbynode webbynode 1.0.5.2