9 matches found
EUVD-2017-0223
Malware in sbrugna...
GHSA-9WV8-JGW4-4G28 High severity vulnerability that affects festivaltts4r
Withdrawn, accidental duplicate publish. The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...
High severity vulnerability that affects festivaltts4r
Withdrawn, accidental duplicate publish. The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...
GHSA-F7F4-5W9J-23P2 festivaltts4r allows arbitrary command execution
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...
festivaltts4r allows arbitrary command execution
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...
festivaltts4r gem for Ruby Remote Command Execution Vulnerability
The festivaltts4r gem for Ruby is a Ruby-based language interface for the Festival TTS speech synthesis system. A security vulnerability exists in the festivaltts4r gem for Ruby. A remote attacker can exploit this vulnerability by sending a string with shell metacharacters to the tospeech or tomp...
CVE-2016-10194
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...
CVE-2016-10194
CVE-2016-10194 affects the Ruby gem festivaltts4r. The vulnerability arises in the library code lib/festivaltts4r/festival4r.rb, where remote attackers can cause arbitrary command execution by injecting shell metacharacters into strings passed to the to_speech or to_mp3 methods. This is a shell c...
festivaltts4r Gem for Ruby Arbitrary Command Execution
festivaltts4r passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to the tospeech and and tomp3 methods in lib/festivaltts4r/festival4r.rb library...