Mark Burns » Ldoce : Security Vulnerabilities, CVEs, CVSS score >= 3
lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name.
Max CVSS
6.8
EPSS Score
1.66%
Published
2013-04-03
Updated
2017-08-29
1 vulnerabilities found