Headline
GHSA-9fh3-j99m-f4v7: Code injection in pdf_info
pdf_info 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initalization there is no validation performed and the user provided path is used.
Code injection in pdf_info
High severity GitHub Reviewed Published Feb 24, 2023 to the GitHub Advisory Database • Updated Feb 24, 2023
Related news
CVE-2022-36231: pdf_info | RubyGems.org | your community gem host
pdf_info 0.5.3 is vulnerable to Command Execution.