CVE-2025-53623

Name of the Vulnerable Software and Affected Versions: Job Iteration API versions prior to 1.11.0

Description: The Job Iteration API, an extension for ActiveJob, has an arbitrary code execution issue in the CsvEnumerator class. Exploitation of this issue can lead to unauthorized access, data leakage, or complete system compromise. The issue is fixed in versions 1.11.0 and above. Users should avoid using untrusted input in the CsvEnumerator class and ensure that any file paths are properly sanitized and validated before being passed to the class methods. Users should avoid using the count of rows in file method with untrusted CSV filenames.

Recommendations: Update to Job Iteration API version 1.11.0 or later. Avoid using the count of rows in file method with untrusted CSV filenames. Ensure that any file paths are properly sanitized and validated before being passed to the CsvEnumerator class methods. Avoid using untrusted input in the CsvEnumerator class.