thor ruby gem command injection vulnerability
The thor ruby gem is a toolkit for building command-line applications. A command injection vulnerability exists in the thor ruby gem, which stems from the use of the open-uri 'open' function in Thor::Actionsget. An attacker could exploit this vulnerability to execute system commands...