Launchpad.net

CVE 2022-27811

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename.

CVE-2022-27811 (Candidate) is related to these bugs:

Bug #1961528: Security: Arbitrary shell command injection through PDF import or unpaper preprocessing

Summary				In	Importance	Status
	1961528	Security: Arbitrary shell command injection through PDF import or unpaper preprocessing		ocrfeeder (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.