← Back

Sprout

sprout

Vendor: Projectsprouts • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2013-6421
1Projectsprouts
1Sprout
Apr 29, 2026
Dec 12, 2013
N/A· v4
N/A· v3
7.5 HIGH· v2
The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path.