Filtered by vendor Colorscore Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7541 | 1 Colorscore Project | 1 Colorscore | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable. |