{"id":"CVE-2017-20156","details":"A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The patch is named 5f8c715d6e2cc000f621a6833f0a86a673462136. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217139.","modified":"2026-04-02T00:10:35.471816Z","published":"2022-12-31T10:15:09.183Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.217139"},{"type":"ADVISORY","url":"https://vuldb.com/?ctiid.217139"},{"type":"REPORT","url":"https://github.com/exciting-io/printer/issues/56"},{"type":"FIX","url":"https://github.com/exciting-io/printer/commit/5f8c715d6e2cc000f621a6833f0a86a673462136"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/exciting-io/printer","events":[{"introduced":"0"},{"fixed":"5f8c715d6e2cc000f621a6833f0a86a673462136"}]},{"type":"GIT","repo":"https://github.com/exciting-io/printer","events":[{"introduced":"0"},{"fixed":"5f8c715d6e2cc000f621a6833f0a86a673462136"}]}],"versions":["arduino-1.0.1","arduino-1.0.2","arduino-1.0.3","arduino-1.0.4","arduino-1.0.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-20156.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2017-07-08"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}