CVE-2022-24720CRITICALCVSS 9.8fixed in ruby-image-processing 1.10.3-2 (bookworm)2022
CVE-2022-24720 [CRITICAL] CVE-2022-24720: ruby-image-processing - image_processing is an image processing wrapper for libvips and ImageMagick/Grap...
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is called internally by Active Storage variants, s
debian