VulnerableCode Package Details - pkg:gem/rexical@1.0.7

Search for packages

Package details: pkg:gem/rexical@1.0.7

Essentials
History (3)

purl	pkg:gem/rexical@1.0.7

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-zn3c-murn-p3hr	Rexical Command Injection Vulnerability A command injection vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. It allows commands to be executed in a subprocess by Ruby's `Kernel.open` method.	CVE-2019-5477 GHSA-cr5j-953j-xw5p

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:24:40.758398+00:00	GitLab Importer	Fixing	VCID-zn3c-murn-p3hr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rexical/CVE-2019-5477.yml	37.0.0
2025-07-31T12:28:38.354772+00:00	GHSA Importer	Fixing	VCID-zn3c-murn-p3hr	https://github.com/advisories/GHSA-cr5j-953j-xw5p	37.0.0
2025-07-31T08:57:54.217000+00:00	GithubOSV Importer	Fixing	VCID-zn3c-murn-p3hr	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-cr5j-953j-xw5p/GHSA-cr5j-953j-xw5p.json	37.0.0