CVE-2020-13802 – Rebar3 3.13.2 Command Injection

https://notcve.org/view.php?id=CVE-2020-13802

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. Las versiones 3.0.0-beta.3 a la versión 3.13.2 de Rebar3 son vulnerables a la inyección de comandos del sistema operativo a través del parámetro URL de especificación de dependencia Rebar3 versions 3.0.0-beta.3 through 3.13.2 suffer from a command injection vulnerability. • http://packetstormsecurity.com/files/159027/Rebar3-3.13.2-Command-Injection.html https://github.com/vulnbe/poc-rebar3.git https://vuln.be/post/rebar3-command-injection • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •