Headline
CVE-2022-36231: pdf_info | RubyGems.org | your community gem host
pdf_info 0.5.3 is vulnerable to Command Execution.
RubyGems.org is the Ruby community’s gem hosting service. Instantly publish your gems and then install them. Use the API to find out more about available gems. Become a contributor and improve the site yourself.
RubyGems.org is made possible through a partnership with the greater Ruby community. Fastly provides bandwidth and CDN support, Ruby Central covers infrastructure costs, and Ruby Together funds ongoing development and ops work. Learn more about our sponsors and how they work together.
We need your help to fund the developer time that keeps RubyGems.org running smoothly for everyone. Join Ruby Together today.
Related news
pdf_info 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initalization there is no validation performed and the user provided path is used.