high severity
RubyGems

Arbitrary Command Execution

Affected gem Vulnerable versions Latest version Snyk patch
fastreader ALL 1.0.8 Not available

Overview

fastreader is a terminal-based feed reader. Affected versions of this gem are vulnerable to arbitrary command execution due to mishandling of specially crafted input passed via a URL that contains a ; character. This may allow a context-dependent attacker to potentially execute arbitrary commands.

References

Snyk patch

Not available.