Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2019-8322 - Vulnerability Database
RubyGems

RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2019-8322

High
Reference: CVE-2019-8322
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-8322
Title: RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Overview:

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore if the response is crafted escape sequence injection may occur.