← back
CVE-2016-10193

CVE-2016-10193

EPSS 2.5%
The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/dejan/espeak-ruby/issues/7http://www.openwall.com/lists/oss-security/2017/01/31/14http://www.openwall.com/lists/oss-security/2017/02/02/5