Tag
escape-sequence-injection
Safeguard articles tagged "escape-sequence-injection" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Open Source Security
RubyGems Escape Sequence Injection via Crafted API Respon...
CVE-2019-8322 is a RubyGems flaw where crafted API responses could inject terminal escape sequences, spoofing gem output. Here's what to know and how to fix it.
Dec 4, 20258 min read
Open Source Security
RubyGems Escape Sequence Injection in Gem Owner Command (...
CVE-2019-8323 shows how RubyGems' gem owner command echoed unsanitized API response data to the terminal, enabling escape sequence injection attacks.
Dec 4, 20257 min read