1 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb. La gem espeak-ruby en versiones anteriores a 1.0.3 para Ruby permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres shell en una cadena al método speak, save, bytes o bytes_wav en lib/espeak/speech.rb. • http://www.openwall.com/lists/oss-security/2017/01/31/14 http://www.openwall.com/lists/oss-security/2017/02/02/5 https://github.com/dejan/espeak-ruby/issues/7 • CWE-284: Improper Access Control •