Vulnerabilities > CVE-2022-36231 - Unspecified vulnerability in Newspaperclub PDF Info 0.5.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
pdf_info 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- https://github.com/affix/CVE-2022-36231
- https://github.com/newspaperclub/pdf_info/issues/16
- https://github.com/newspaperclub/pdf_info/pull/15
- https://rubygems.org/gems/pdf_info
- https://github.com/affix/CVE-2022-36231
- https://rubygems.org/gems/pdf_info
- https://github.com/newspaperclub/pdf_info/pull/15
- https://github.com/newspaperclub/pdf_info/issues/16