CVSS v2: 7.5
- >= 0.2.3
rgpg Gem for Ruby contains a flaw in the GpgHelper module (lib/rgpg/gpg_helper.rb). The issue is due to the program failing to properly sanitize user-supplied input before being used in the system() function for execution. This may allow a remote attacker to execute arbitrary commands.