Low: ruby
Issue Overview: Command injection in lib/resolv.rb:lazyinitialize allows arbitrary code execution: The "lazyinitialize" function in lib/resolv.rb did not properly process certain filenames. A remote attacker could possibly exploit this flaw to inject and execute arbitrary commands. CVE-2017-17790...