VYPR

RubyGems package

festivaltts4r

pkg:gem/festivaltts4r

Vulnerabilities (1)

  • CVE-2016-10194CriMar 3, 2017
    affected <= 0.2.0

    The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.