Advisory #51
| Title | Narou.rb remote code execution via crafted novel information |
| CVE ID | CVE-2021-35514 |
| Vendor | Narou.rb maintainers |
| Affected product | Narou.rb |
| Affected versions | <= 3.7.2 |
| Vulnerability type | CWE-94 (Code Injection) |
| Description | Narou.rb has a vulnerability that allows a malicious novel to inject arbitrary Ruby code, which leads remote code execution. |
| Status | Fixed in 3.8.0 |
| Recommendation | Update to 3.8.0 or above. |