1 results (0.001 seconds)
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2022-21831 – Debian Security Advisory 5372-1
https://notcve.org/view.php?id=CVE-2022-21831
26 May 2022 — A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. Se presenta una vulnerabilidad de inyección de código en Active Storage versiones posteriores a v5.2.0 incluyéndola, que podría permitir a un atacante ejecutar código por medio de argumentos image_processing Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and o... • https://github.com/advisories/GHSA-w749-p3v6-hccq • CWE-94: Improper Control of Generation of Code ('Code Injection') •