PT-2019-4652 · Ruby +8 · Ruby +8

Name of the Vulnerable Software and Affected Versions: Ruby versions 2.4.7 and earlier, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 Description: The issue allows code injection if the first argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an...