Search for packages
Package details: pkg:gem/rexical@1.0.4
purl pkg:gem/rexical@1.0.4
Next non-vulnerable version 1.0.7
Latest non-vulnerable version 1.0.7
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zn3c-murn-p3hr
Aliases:
CVE-2019-5477
GHSA-cr5j-953j-xw5p
Rexical Command Injection Vulnerability A command injection vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. It allows commands to be executed in a subprocess by Ruby's `Kernel.open` method.
1.0.7
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T09:24:40.736581+00:00 GitLab Importer Affected by VCID-zn3c-murn-p3hr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rexical/CVE-2019-5477.yml 37.0.0