samg/diffy

Releases19

Frequency6 months 2 weeks

Last Release almost 6 years ago

Stars1.31K

Easy Diffing in Ruby

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-33127 ↗	Jun 23, 2022Thursday, 23 June 2022, 17:15	9.8 CRITICAL	7.5 HIGH
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string.