1 results (0.001 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. converter.rb del md2pdf para Ruby v0.0.1 permite a atacantes dependientes de contexto para ejecutar comandos arbitrarios vía metacaracteres de shell en un nombre de archivo. Ruby Gem md2pdf suffers from a remote command injection vulnerability. • http://osvdb.org/92290 http://vapid.dhs.org/advisories/md2pdf-remote-exec.html http://www.securityfocus.com/bid/59061 https://exchange.xforce.ibmcloud.com/vulnerabilities/83416 •