image_processing is vulnerable to shell command injection. The apply
function in chainable.rb
does not properly check unsanitized user input operational commands, allowing an attacker to inject and execute malicious shell commands.
CPE | Name | Operator | Version |
---|---|---|---|
image_processing | le | 1.12.1 | |
image_processing | le | 1.12.1 | |
ruby-image-processing:bookworm | eq | 1.10.3-1 | |
ruby-image-processing:sid | eq | 1.10.3-1 |