Lucene search

RedhatCVE-2016-4991

HistoryJul 28, 2022 - 5:15 p.m.

CVE-2016-4991

2022-07-2817:15:08

CWE-77

redhat

web.nvd.nist.gov

cve-2016-4991

pdf rendering

command execution

security vulnerability

nodepdf 1.3.0

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3.0.

Affected configurations

Nvd

Vulners

Node

nodepdf_projectnodepdfMatch1.3.0node.js

VendorProductVersionCPE
nodepdf_projectnodepdf1.3.0cpe:2.3:a:nodepdf_project:nodepdf:1.3.0:*:*:*:*:node.js:*:*

Vendor	Product	Version	CPE
nodepdf_project	nodepdf	1.3.0	cpe:2.3:a:nodepdf_project:nodepdf:1.3.0:::::node.js::

CNA Affected

[
  {
    "product": "nodepdf",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "nodepdf 1.3.0"
      }
    ]
  }
]

References

lf.lc/cve/cve-2016-4991/

Social References

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

Related for CVE-2016-4991