| Type | Arbitrary command execution |
RDoc before version 6.3.1, as bundled with Ruby before versions 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used Kernel#open to open a local file. If a Ruby project contains a file whose name starts with "|" and ends with "tags", the command following the pipe character is executed. A malicious Ruby project could exploit this to achieve arbitrary command execution against a user who attempts to run the rdoc command.
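
A pre-flight check for the condition described above, as an added example (not RDoc's or the tracker's own code): it lists files in a checkout whose names start with "|" and end with "tags" before rdoc is run, and reads one by its literal name with File.open, which does not interpret a leading "|". The function names and the sample tree are constructed for illustration.

```ruby
require "find"
require "tmpdir"

# Name pattern taken from the advisory text: starts with "|", ends with "tags".
# /m lets "." match a newline, which is legal inside a file name.
PIPE_TAGS = /\A\|.*tags\z/m

# Return the files under root whose basename matches the advisory's pattern.
def pipe_tags_files(root)
  hits = []
  Find.find(root) do |path|
    hits << path if File.file?(path) && File.basename(path).match?(PIPE_TAGS)
  end
  hits.sort
end

# Read a file by its literal name. File.open always treats its argument as a
# path; Kernel#open is the call that turns a leading "|" into a subprocess.
def read_literal(path)
  File.open(path, "r") { |f| f.read }
end

# Constructed sample tree: two ordinary files and one inert file whose name
# matches the pattern. Nothing in it is executed.
def demo
  Dir.mktmpdir("rdoc-check") do |root|
    File.write(File.join(root, "README.md"), "docs\n")
    File.write(File.join(root, "tags"), "plain ctags file\n")
    odd = File.join(root, "|placeholder tags")
    File.write(odd, "inert\n")
    hits = pipe_tags_files(root)
    { flagged: hits.map { |p| File.basename(p) }, content: read_literal(odd) }
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```

Run `pipe_tags_files` on an untrusted checkout before generating documentation with an RDoc version older than 6.3.1; any hit warrants inspection of the repository.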
| 14 Jul 2021 | ASA-202107-25 | AVG-2140 | ruby2.6 | High | multiple issues |
| 06 Jul 2021 | ASA-202107-18 | AVG-2125 | gitlab | High | multiple issues |