gerapy is vulnerable to remote code execution. The use of string which can be controlled externally in a command line allows a malicious user to change the meaning of the command.
github.com/Gerapy/Gerapy/commit/98092528a72392447fef05539fadbc4a295e9d60
github.com/Gerapy/Gerapy/issues/197
github.com/Gerapy/Gerapy/issues/211
github.com/Gerapy/Gerapy/issues/217
github.com/Gerapy/Gerapy/security/advisories/GHSA-756h-r2c9-qp5j
lgtm.com/projects/g/Gerapy/Gerapy?mode=tree&ruleFocus=1505994646253
securitylab.github.com/advisories/GHSL-2021-076-gerapy/