1803937 – (CVE-2013-1607) CVE-2013-1607 rubygem-pdfkit: remote code execution due to improperly escaped strings

Bug 1803937 (CVE-2013-1607) - CVE-2013-1607 rubygem-pdfkit: remote code execution due to improperly escaped strings

Summary: CVE-2013-1607 rubygem-pdfkit: remote code execution due to improperly escaped...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2013-1607
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-02-17 18:38 UTC by Guilherme de Almeida Suckevicz
Modified:	2021-10-05 14:13 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-10-05 14:13:02 UTC
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2020-02-17 18:38:04 UTC

Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability

References:
https://github.com/pdfkit/pdfkit/issues/164
https://www.securityfocus.com/bid/58303/info

Comment 1 Mamoru TASAKA 2021-10-05 12:47:35 UTC

Well, how long is this kind of bug (related to CVE) going to be left open?

There is no activity on this bug for about 20 months, but this kind of CVE bug are currently
not going to be closed and it keeps catching my eyes...

Comment 2 Guilherme de Almeida Suckevicz 2021-10-05 14:13:02 UTC

I closed it manually. Thanks.

Note You need to log in before you can comment on or make changes to this bug.