CVE-2025-54314

July 19, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-54314
Type cve
Published 2025-07-20T00:00:00.000Z
Modified 2025-07-20T02:22:46.900Z

Product Information

Vendor rubyonrails
Product Thor
Version 0

CVSS Information

Base Score 2.8 (LOW)
Attack Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

Affected Products

  • rubyonrails Thor 0

Additional Information

CWE List CWE-78
Source mitre

Description

Thor before 1.4.0 can construct an unsafe shell command from library input.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.