GHSL-2022-094: Remote Code Execution in discordrb
Published: March 27, 2023
SECURITY IDENTIFIERS
- CVE: CVE-2023-28102 (NVD)
- GHSA: GHSA-8832-4mm5-x2r6
GEM
SEVERITY
CVSS v3.x: 9.6 (Critical)
PATCHED VERSIONS
>= 3.4.3
DESCRIPTION
The encode_file method may lead to remote code execution (RCE) if invoked with untrusted user-controlled data.