{"provider_name":"Hatena Blog","blog_title":"ooooooo_q\u306e\u65e5\u8a18","type":"rich","height":"190","url":"https://ooooooo.hatenablog.com/entry/ruby_bug_hunting_2","version":"1.0","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/o/ooooooo_q/20191224/20191224074821.png","description":"\u3053\u306e\u8a18\u4e8b\u306fRuby Advent Calendar 2019 - Qiita\u306e24\u65e5\u76ee\u3067\u3059\u3002 \u53bb\u5e74\uff08Ruby\u3084Ruby\u306eOSS\u306e\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u305f\u8a71 - ooooooo_q\u306e\u65e5\u8a18\uff09\u3068\u540c\u69d8\u306bRuby\u95a2\u9023\u3067\u4eca\u5e74\u898b\u3064\u3051\u305f\u8106\u5f31\u6027\u306e\u8a71\u3067\u3059\u3002 Ruby CVE-2019-16255: Shell#[]\u304a\u3088\u3073Shell#test\u306e\u30b3\u30fc\u30c9\u633f\u5165\u8106\u5f31\u6027 hackerone.com \u8106\u5f31\u6027\u306a\u306e\u304b\u5224\u65ad\u306b\u8ff7\u3046\u3082\u306e\u3002 \u5f15\u6570\u304c.send\u306b\u305d\u306e\u307e\u307e\u6e21\u3055\u308c\u308b\u306e\u3067\u5024\u306b\u3088\u3063\u3066\u306f\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3067\u304d\u308b\u3082\u306e\u3067\u3057\u305f\u3002 .send\u3092\u4f7f\u3063\u3066\u5b9f\u969b\u306b\u653b\u6483\u3067\u304d\u308b\u30d1\u30bf\u30fc\u30f3\u304c\u6709\u308b\u306e\u304b\u3001Ruby\u306e\u30b3\u30fc\u30c9\u306e\u4e2d\u3092\u8abf\u3079\u3066\u898b\u3064\u3051\u305f\u899a\u3048\u304c\u3042\u308a\u307e\u3059\u3002 CVE-2019-\u2026","categories":["\u8106\u5f31\u6027"],"html":"","width":"100%","author_url":"https://blog.hatena.ne.jp/ooooooo_q/","published":"2019-12-24 00:00:00","blog_url":"https://ooooooo.hatenablog.com/","title":"Ruby\u3084Ruby\u306eOSS\u306e\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u305f\u8a71\u306e\u7d9a\u304d","author_name":"ooooooo_q","provider_url":"https://hatena.blog"}