Command Injection
Overview rxiv-maker is a Write scientific preprints in Markdown. Generate publication-ready PDFs efficiently. Affected versions of this package are vulnerable to Command Injection due to improper handling of shell commands. The upgrade command uses shell=True, which allows shell injection...