gollum-lib 3.0.0
1 security vulnerability
found in version
3.0.0
gollum and gollum-lib allow remote authenticated users to execute arbitrary code
high severity CVE-2014-9489
high severity
CVE-2014-9489
Patched versions:
>= 4.0.1
The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and
the gollum-lib gem dependency in gollum-lib before 4.0.1 when the string master
is in any of the wiki documents, allows remote authenticated users to execute arbitrary
code via the -O
or --open-files-in-pager
flags.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.