3 matches found
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection such that an attacker using a specially crafted payload may execute OS commands by using command chaining because during object initalization, there is no validation performed and the user provided path is used...
Exploit for OS Command Injection in Newspaperclub Pdf_Info
CVE-2022-36231 The ruby gem pdfinfohttps://rubygems.org/g...
ALPINE-CVE-2018-11780
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2...