📦

mail_gem

Vendor: rubygems

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 3.60% Exploit Prob.

Latest CVE CVE-2012-2140 Jul 18

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2012-2140

RCE

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.

EPSS: 3.67%

Severity: HIGH

Jul 18, 2012

5.0 CVSS

CVE-2012-2139

Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.

EPSS: 3.53%

Severity: MEDIUM

Jul 18, 2012

Displaying 2 of 4 Total Entries

Total 1 Sections