CVE-2013-2060: OpenShift: Potential remote command execution vulnerability in download cart url

Severity: Critical

CVSS Score: 9.8

The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.