Critical severity9.8NVD Advisory· Published Oct 5, 2018· Updated Jun 17, 2026
CVE-2014-10075
CVE-2014-10075
Description
The karo gem 2.3.8 for Ruby allows Remote command injection via the host field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
karoRubyGems | <= 2.5.2 | — |
Affected products
1Patches
Vulnerability mechanics
References
7- www.vapid.dhs.org/advisories/karo-2.3.8.htmlnvdExploitThird Party AdvisoryWEB
- www.vapidlabs.com/advisory.phpnvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-qfwq-chf4-jvwgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-10075ghsaADVISORY
- github.com/rahult/karo/blob/master/lib/karo/db.rbghsaWEB
- github.com/rahult/karo/blob/master/lib/karo/db.rbghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/karo/CVE-2014-10075.ymlghsaWEB
News mentions
0No linked articles in our index yet.