OS Command Injection
BibTeX-ruby allows command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.
Advisories for Gem/Bibtex-Ruby package
2020
BibTeX-ruby allows command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.