
11 matches found

RedhatCVE
added 2025/05/22 11:09 p.m., 5 views

CVE-2022-36231

pdfinfo 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3...

CVSS 9.8, AI score 7.2, EPSS 0.22558
Exploits: 2

Veracode
added 2023/03/01 2:36 a.m., 13 views

Command Injection

pdfinfo is vulnerable to Command Injection. The vulnerability exists in the command function of info.rb due to missing input sanitization in the pdfpath parameter, which allows an attacker to inject and execute malicious commands...

CVSS 9.8, AI score 9, EPSS 0.22558
Exploits: 2, References: 6, Affected Software: 1

Github Security Blog
added 2023/02/24 12:30 a.m., 26 views

Code injection in pdf_info

pdfinfo 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initialization there is no validation performed and the user provided path is used...

CVSS 9.8, AI score 9.2, EPSS 0.22558
Exploits: 2, References: 7, Affected Software: 1

OSV
added 2023/02/24 12:30 a.m., 27 views

GHSA-9FH3-J99M-F4V7 Code injection in pdf_info

pdfinfo 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initialization there is no validation performed and the user provided path is used...

CVSS 9.8, AI score 9.7, EPSS 0.22558
Exploits: 2, References: 7

RubySec
added 2023/02/24 12:00 a.m., 24 views

Code injection in pdf_info

pdfinfo 0.5.3 is vulnerable to Command Execution. An attacker using a specially crafted payload may execute OS commands by using command chaining because during object initialization there is no validation performed and the user provided path is used...

CVSS 9.8, AI score 3.9, EPSS 0.22558
Exploits: 2, References: 1

NVD
added 2023/02/23 10:15 p.m., 15 views

CVE-2022-36231

pdfinfo 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3...

CVSS 9.8, AI score 9.6, EPSS 0.22558
Exploits: 2, References: 4

Prion
added 2023/02/23 10:15 p.m., 10 views

Command injection

pdfinfo 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3...

CVSS 7.5, AI score 9.6, EPSS 0.22558
Exploits: 2, References: 4, Affected Software: 1

Cvelist
added 2023/02/23 12:00 a.m., 19 views

CVE-2022-36231

pdfinfo 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3...

AI score 9.9, EPSS 0.22558
Exploits: 2, References: 4

CVE
added 2023/02/23 12:00 a.m., 79 views

CVE-2022-36231

CVE-2022-36231 affects pdf_info 0.5.3, where Ruby code uses backticks instead of Open3, enabling Command Execution. CVSS v3.1 base score 9.8 (CRITICAL) with NETWORK attack vector, LOW complexity, no user interaction, and impact to confidentiality, integrity, and availability. Connected sources (R...

CVSS 9.8, AI score 9.5, EPSS 0.22558
Exploits: 2, References: 4, Affected Software: 1

Vulnrichment
added 2023/02/23 12:00 a.m., 9 views

CVE-2022-36231

pdfinfo 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3...

AI score 9.7, EPSS 0.22558
Exploits: 2, References: 4

CNNVD
added 2023/02/23 12:00 a.m., 1 views

pdf_info security vulnerability

pdfinfo is a package for the pdfinfo command-line tool, by individual developer tomtaylor. A security vulnerability exists in pdfinfo version 0.5.3, which an attacker can exploit to execute operating system commands using command chaining...

CVSS 9.8, AI score 8.6, EPSS 0.22558
Exploits: 2, References: 5