CVE-2011-0739

The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
mikel_lindsaarmail
𝑥
≤ 2.2.14
mikel_lindsaarmail
1.0.0
mikel_lindsaarmail
1.1.0
mikel_lindsaarmail
1.2.1
mikel_lindsaarmail
1.2.5
mikel_lindsaarmail
1.2.6
mikel_lindsaarmail
1.2.7
mikel_lindsaarmail
1.2.8
mikel_lindsaarmail
1.2.9
mikel_lindsaarmail
1.3.0
mikel_lindsaarmail
1.3.1
mikel_lindsaarmail
1.3.2
mikel_lindsaarmail
1.3.3
mikel_lindsaarmail
1.3.4
mikel_lindsaarmail
1.3.5
mikel_lindsaarmail
1.4.0
mikel_lindsaarmail
1.4.1
mikel_lindsaarmail
1.4.2
mikel_lindsaarmail
1.4.3
mikel_lindsaarmail
1.5.0
mikel_lindsaarmail
1.5.1
mikel_lindsaarmail
1.5.2
mikel_lindsaarmail
1.5.3
mikel_lindsaarmail
1.5.4
mikel_lindsaarmail
1.6.0
mikel_lindsaarmail
2.0.3
mikel_lindsaarmail
2.0.5
mikel_lindsaarmail
2.1.0
mikel_lindsaarmail
2.1.1
mikel_lindsaarmail
2.1.2
mikel_lindsaarmail
2.1.3
mikel_lindsaarmail
2.1.5
mikel_lindsaarmail
2.1.5.1
mikel_lindsaarmail
2.1.5.2
mikel_lindsaarmail
2.1.5.3
mikel_lindsaarmail
2.2.0
mikel_lindsaarmail
2.2.1
mikel_lindsaarmail
2.2.2
mikel_lindsaarmail
2.2.3
mikel_lindsaarmail
2.2.4
mikel_lindsaarmail
2.2.5
mikel_lindsaarmail
2.2.5.1
mikel_lindsaarmail
2.2.5.2
mikel_lindsaarmail
2.2.6
mikel_lindsaarmail
2.2.6.1
mikel_lindsaarmail
2.2.7
mikel_lindsaarmail
2.2.9
mikel_lindsaarmail
2.2.9.1
mikel_lindsaarmail
2.2.10
mikel_lindsaarmail
2.2.11
mikel_lindsaarmail
2.2.12
mikel_lindsaarmail
2.2.13
𝑥
= Vulnerable software versions