← All vendors

Vendor

jordansissel

Products

1

CVEs

1

Across products

1

Status

Private

Products

1

Arr-pm
1 CVE

Recent CVEs

1

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-39224	jordansissel Arr-pm		0.00	—	0.00		Sep 21, 2022	Arr-pm is an RPM reader/writer library written in Ruby. Versions prior to 0.0.12 are subject to OS command injection resulting in shell execution if the RPM contains a malicious "payload compressor" field. This vulnerability impacts the `extract` and `files` methods of the…

CVE-2022-39224Sep 21, 2022
jordansissel
Arr-pm
risk 0.00cvss —epss 0.00
Arr-pm is an RPM reader/writer library written in Ruby. Versions prior to 0.0.12 are subject to OS command injection resulting in shell execution if the RPM contains a malicious "payload compressor" field. This vulnerability impacts the `extract` and `files` methods of the…