CVSS: 9.8EPSS: 34%CPEs: 4EXPL: 6CVE-2022-25765 – Command Injection
https://notcve.org/view.php?id=CVE-2022-25765
The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. El paquete pdfkit a partir de la versión 0.0.0, es vulnerable a una inyección de comandos cuando la URL no está saneada apropiadamente pdfkit version 08.7.2 suffers from a command injection vulnerability. • https://github.com/PurpleWaveIO/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell https://github.com/UNICORDev/exploit-CVE-2022-25765 https://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765 https://github.com/LordRNA/CVE-2022-25765 https://github.com/lowercasenumbers/CVE-2022-25765 http://packetstormsecurity.com/files/171746/pdfkit-0.8.7.2-Command-Injection.html https://github.com/pdfkit/pdfkit/blob/46cdf53ec540da1a1a2e4da979e3e5fe2f92a257/lib/pdfkit/pdfkit.rb%23L55-L58 https://github.com/pdfkit/pd •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1607
https://notcve.org/view.php?id=CVE-2013-1607
Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability La gema Ruby PDFKit versiones anteriores a 0.5.3, presenta una Vulnerabilidad de Ejecución de Código. • https://exchange.xforce.ibmcloud.com/vulnerabilities/82563 https://www.securityfocus.com/bid/58303/info • CWE-20: Improper Input Validation •