GHSA-w655-w578-99pq – espeak-ruby

Package

Manager: gem
Name: espeak-ruby
Vulnerable Version: <0

Severity

Level: High

CVSS v3.1: N/A

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

High severity vulnerability that affects espeak-ruby Withdrawn, accidental duplicate publish. The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb.

Metadata

Created: 2018-08-21T17:09:08Z
Modified: 2020-06-17T15:15:17Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/08/GHSA-w655-w578-99pq/GHSA-w655-w578-99pq.json
CWE IDs: []
Alternative ID: N/A
Finding: N/A
Auto approve: 0