builder 1.2.4

1 security vulnerability found in version 1.2.4

Builder Gem for Ruby Tag Name Handling Private Method Exposure

high severity OSVDB-95668
high severity OSVDB-95668
Patched versions: >= 2.1.2

Builder Gem for Ruby contains a flaw in the handling of tag names. The issue is triggered when the program reads tag names from XML data and then calls a method with that name. With a specially crafted file, a context-dependent attacker can call private methods and manipulate data.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

Gem version without a license.


Unless a license that specifies otherwise is included, nobody can use, copy, distribute, or modify this library without being at risk of take-downs, shake-downs, or litigation.

This gem version is available.


This gem version has not been yanked and is still available for usage.