CVE-2019-10780

Summary

BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.

Affected Software

VendorProductVersion RangeStatus
n/aBibTeX-rubyAll versions prior to version 5.1.0affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References