Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5g9u-91h5-8yaz

Summary

Command injection vulnerability
The `unpack_zip` function in `archive_unpacker.rb` in the sprout gem for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename or path.

Aliases

alias	CVE-2013-6421

alias	GHSA-229r-pqp6-8w6g

alias	OSV-100598

Fixed_packages

Affected_packages

url pkg:gem/sprout@0.7.0

purl pkg:gem/sprout@0.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.0

url pkg:gem/sprout@0.7.153

purl pkg:gem/sprout@0.7.153

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.153

url pkg:gem/sprout@0.7.156

purl pkg:gem/sprout@0.7.156

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.156

url pkg:gem/sprout@0.7.157

purl pkg:gem/sprout@0.7.157

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.157

url pkg:gem/sprout@0.7.159

purl pkg:gem/sprout@0.7.159

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.159

url pkg:gem/sprout@0.7.162

purl pkg:gem/sprout@0.7.162

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.162

url pkg:gem/sprout@0.7.163

purl pkg:gem/sprout@0.7.163

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.163

url pkg:gem/sprout@0.7.165

purl pkg:gem/sprout@0.7.165

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.165

url pkg:gem/sprout@0.7.167

purl pkg:gem/sprout@0.7.167

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.167

url pkg:gem/sprout@0.7.169

purl pkg:gem/sprout@0.7.169

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.169

url pkg:gem/sprout@0.7.170

purl pkg:gem/sprout@0.7.170

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.170

url pkg:gem/sprout@0.7.171

purl pkg:gem/sprout@0.7.171

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.171

url pkg:gem/sprout@0.7.182

purl pkg:gem/sprout@0.7.182

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.182

url pkg:gem/sprout@0.7.183

purl pkg:gem/sprout@0.7.183

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.183

url pkg:gem/sprout@0.7.191

purl pkg:gem/sprout@0.7.191

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.191

url pkg:gem/sprout@0.7.192

purl pkg:gem/sprout@0.7.192

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.192

url pkg:gem/sprout@0.7.193

purl pkg:gem/sprout@0.7.193

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.193

url pkg:gem/sprout@0.7.196

purl pkg:gem/sprout@0.7.196

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.196

url pkg:gem/sprout@0.7.197

purl pkg:gem/sprout@0.7.197

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.197

url pkg:gem/sprout@0.7.198

purl pkg:gem/sprout@0.7.198

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.198

url pkg:gem/sprout@0.7.201

purl pkg:gem/sprout@0.7.201

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.201

url pkg:gem/sprout@0.7.203

purl pkg:gem/sprout@0.7.203

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.203

url pkg:gem/sprout@0.7.204

purl pkg:gem/sprout@0.7.204

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.204

url pkg:gem/sprout@0.7.205

purl pkg:gem/sprout@0.7.205

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.205

url pkg:gem/sprout@0.7.206

purl pkg:gem/sprout@0.7.206

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.206

url pkg:gem/sprout@0.7.210

purl pkg:gem/sprout@0.7.210

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.210

url pkg:gem/sprout@0.7.211

purl pkg:gem/sprout@0.7.211

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.211

url pkg:gem/sprout@0.7.212

purl pkg:gem/sprout@0.7.212

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.212

url pkg:gem/sprout@0.7.213

purl pkg:gem/sprout@0.7.213

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.213

url pkg:gem/sprout@0.7.215

purl pkg:gem/sprout@0.7.215

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.215

url pkg:gem/sprout@0.7.217

purl pkg:gem/sprout@0.7.217

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.217

url pkg:gem/sprout@0.7.218

purl pkg:gem/sprout@0.7.218

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.218

url pkg:gem/sprout@0.7.219

purl pkg:gem/sprout@0.7.219

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.219

url pkg:gem/sprout@0.7.220

purl pkg:gem/sprout@0.7.220

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.220

url pkg:gem/sprout@0.7.221

purl pkg:gem/sprout@0.7.221

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.221

url pkg:gem/sprout@0.7.223

purl pkg:gem/sprout@0.7.223

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.223

url pkg:gem/sprout@0.7.224

purl pkg:gem/sprout@0.7.224

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.224

url pkg:gem/sprout@0.7.226

purl pkg:gem/sprout@0.7.226

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.226

url pkg:gem/sprout@0.7.227

purl pkg:gem/sprout@0.7.227

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.227

url pkg:gem/sprout@0.7.228

purl pkg:gem/sprout@0.7.228

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.228

url pkg:gem/sprout@0.7.229

purl pkg:gem/sprout@0.7.229

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.229

url pkg:gem/sprout@0.7.233

purl pkg:gem/sprout@0.7.233

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.233

url pkg:gem/sprout@0.7.234

purl pkg:gem/sprout@0.7.234

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.234

url pkg:gem/sprout@0.7.235

purl pkg:gem/sprout@0.7.235

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.235

url pkg:gem/sprout@0.7.236

purl pkg:gem/sprout@0.7.236

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.236

url pkg:gem/sprout@0.7.237

purl pkg:gem/sprout@0.7.237

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.237

url pkg:gem/sprout@0.7.239

purl pkg:gem/sprout@0.7.239

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.239

url pkg:gem/sprout@0.7.240

purl pkg:gem/sprout@0.7.240

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.240

url pkg:gem/sprout@0.7.241

purl pkg:gem/sprout@0.7.241

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.241

url pkg:gem/sprout@0.7.244

purl pkg:gem/sprout@0.7.244

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.244

url pkg:gem/sprout@0.7.245

purl pkg:gem/sprout@0.7.245

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.245

url pkg:gem/sprout@0.7.246

purl pkg:gem/sprout@0.7.246

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@0.7.246

url pkg:gem/sprout@1.0.0.pre

purl pkg:gem/sprout@1.0.0.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.0.pre

url pkg:gem/sprout@1.0.1.pre

purl pkg:gem/sprout@1.0.1.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.1.pre

url pkg:gem/sprout@1.0.2.pre

purl pkg:gem/sprout@1.0.2.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.2.pre

url pkg:gem/sprout@1.0.3.pre

purl pkg:gem/sprout@1.0.3.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.3.pre

url pkg:gem/sprout@1.0.4.pre

purl pkg:gem/sprout@1.0.4.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.4.pre

url pkg:gem/sprout@1.0.5.pre

purl pkg:gem/sprout@1.0.5.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.5.pre

url pkg:gem/sprout@1.0.8.pre

purl pkg:gem/sprout@1.0.8.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.8.pre

url pkg:gem/sprout@1.0.9.pre

purl pkg:gem/sprout@1.0.9.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.9.pre

url pkg:gem/sprout@1.0.11.pre

purl pkg:gem/sprout@1.0.11.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.11.pre

url pkg:gem/sprout@1.0.13.pre

purl pkg:gem/sprout@1.0.13.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.13.pre

url pkg:gem/sprout@1.0.14.pre

purl pkg:gem/sprout@1.0.14.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.14.pre

url pkg:gem/sprout@1.0.15.pre

purl pkg:gem/sprout@1.0.15.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.15.pre

url pkg:gem/sprout@1.0.16.pre

purl pkg:gem/sprout@1.0.16.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.16.pre

url pkg:gem/sprout@1.0.17.pre

purl pkg:gem/sprout@1.0.17.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.17.pre

url pkg:gem/sprout@1.0.18.pre

purl pkg:gem/sprout@1.0.18.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.18.pre

url pkg:gem/sprout@1.0.19.pre

purl pkg:gem/sprout@1.0.19.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.19.pre

url pkg:gem/sprout@1.0.20.pre

purl pkg:gem/sprout@1.0.20.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.20.pre

url pkg:gem/sprout@1.0.22.pre

purl pkg:gem/sprout@1.0.22.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.22.pre

url pkg:gem/sprout@1.0.23.pre

purl pkg:gem/sprout@1.0.23.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.23.pre

url pkg:gem/sprout@1.0.24.pre

purl pkg:gem/sprout@1.0.24.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.24.pre

url pkg:gem/sprout@1.0.25.pre

purl pkg:gem/sprout@1.0.25.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.25.pre

url pkg:gem/sprout@1.0.26.pre

purl pkg:gem/sprout@1.0.26.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.26.pre

url pkg:gem/sprout@1.0.29.pre

purl pkg:gem/sprout@1.0.29.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.29.pre

url pkg:gem/sprout@1.0.31.pre

purl pkg:gem/sprout@1.0.31.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.31.pre

url pkg:gem/sprout@1.0.32.pre

purl pkg:gem/sprout@1.0.32.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.32.pre

url pkg:gem/sprout@1.0.35.pre

purl pkg:gem/sprout@1.0.35.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.0.35.pre

url pkg:gem/sprout@1.1.2.pre

purl pkg:gem/sprout@1.1.2.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.2.pre

url pkg:gem/sprout@1.1.3.pre

purl pkg:gem/sprout@1.1.3.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.3.pre

url pkg:gem/sprout@1.1.4.pre

purl pkg:gem/sprout@1.1.4.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.4.pre

url pkg:gem/sprout@1.1.5.pre

purl pkg:gem/sprout@1.1.5.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.5.pre

url pkg:gem/sprout@1.1.7.pre

purl pkg:gem/sprout@1.1.7.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.7.pre

url pkg:gem/sprout@1.1.10.pre

purl pkg:gem/sprout@1.1.10.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.10.pre

url pkg:gem/sprout@1.1.11.pre

purl pkg:gem/sprout@1.1.11.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.11.pre

url pkg:gem/sprout@1.1.13.pre

purl pkg:gem/sprout@1.1.13.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.13.pre

url pkg:gem/sprout@1.1.14.pre

purl pkg:gem/sprout@1.1.14.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.14.pre

url pkg:gem/sprout@1.1.15.pre

purl pkg:gem/sprout@1.1.15.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.15.pre

url pkg:gem/sprout@1.1.16.pre

purl pkg:gem/sprout@1.1.16.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.16.pre

url pkg:gem/sprout@1.1.17.pre

purl pkg:gem/sprout@1.1.17.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.17.pre

url pkg:gem/sprout@1.1.18.pre

purl pkg:gem/sprout@1.1.18.pre

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5g9u-91h5-8yaz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/sprout@1.1.18.pre

References

reference_url

http://archives.neohapsis.com/archives/bugtraq/2013-12/0077.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://archives.neohapsis.com/archives/bugtraq/2013-12/0077.html

reference_url	http://cxsecurity.com/issue/WLB-2013120023
reference_id
reference_type
scores
url	http://cxsecurity.com/issue/WLB-2013120023

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6421

reference_id

reference_type

scores

value	0.01228
scoring_system	epss
scoring_elements	0.79464
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6421

reference_url

https://github.com/lukebayes/project-sprouts

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lukebayes/project-sprouts

reference_url	https://github.com/lukebayes/project-sprouts/blob/e8e6c60438cd1a4d598645760b00ea005eb1cc2c/lib/sprout/archive_unpacker.rb#L90
reference_id
reference_type
scores
url	https://github.com/lukebayes/project-sprouts/blob/e8e6c60438cd1a4d598645760b00ea005eb1cc2c/lib/sprout/archive_unpacker.rb#L90

reference_url

http://vapid.dhs.org/advisories/sprout-0.7.246-command-inj.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://vapid.dhs.org/advisories/sprout-0.7.246-command-inj.html

reference_url

http://www.openwall.com/lists/oss-security/2013/12/03/1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2013/12/03/1

reference_url

http://www.openwall.com/lists/oss-security/2013/12/03/6

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2013/12/03/6

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-6421

reference_id

CVE-2013-6421

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-6421

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sprout/CVE-2013-6421.yml

reference_id

CVE-2013-6421.YML

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sprout/CVE-2013-6421.yml

reference_url

https://github.com/advisories/GHSA-229r-pqp6-8w6g

reference_id

GHSA-229r-pqp6-8w6g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-229r-pqp6-8w6g

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	94
name	Improper Control of Generation of Code ('Code Injection')
description	The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g9u-91h5-8yaz

Vulnerability Instance