VulnerableCode Package Details - pkg:deb/debian/rexical@1.0.5-2

Search for packages

Package details: pkg:deb/debian/rexical@1.0.5-2

Essentials
History (1)

purl	pkg:deb/debian/rexical@1.0.5-2

Next non-vulnerable version	1.0.7-1
Latest non-vulnerable version	1.0.7-1
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-zn3c-murn-p3hr Aliases: CVE-2019-5477 GHSA-cr5j-953j-xw5p	Rexical Command Injection Vulnerability A command injection vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. It allows commands to be executed in a subprocess by Ruby's `Kernel.open` method.	1.0.7-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T16:38:56.057566+00:00	Debian Oval Importer	Affected by	VCID-zn3c-murn-p3hr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0