CVE-2022-28481

CVE-2022-28481

EPSS 1.6%

CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/zvory/csv-safe https://github.com/zvory/csv-safe/issues/7 https://github.com/zvory/csv-safe/pull/8