ADVISORIES
- CVE-2014-2322 (NVD)
- OSVDB-104365
GEM
SEVERITY
CVSS v2.0: 7.5 (High)
PATCHED VERSIONS
None.
DESCRIPTION
Arabic Prawn Gem for Ruby contains a flaw in the lib/string_utf_support.rb file. The issue is due to the program failing to sanitize user input. This may allow a remote attacker to inject arbitrary commands.