CRITICAL
Espeak Ruby Project
CVE published 2017-03-03
CVE-2016-10193
CVE-2016-10193 affects the espeak-ruby gem before 1.0.3. According to the CVE description, untrusted strings passed to speak, save, bytes, or bytes_wav in lib/espeak/speech.rb can include shell metacharacters that lead to arbitrary command execution. NVD classifies affected versions as up to 1.0.2 and assigns the issue a CVSS v3.0 score of 9.8 (Critical).