Lucene search

CVE-2021-23376

🗓️ 18 Apr 2021 19:12:15Reported by snykType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 50 Views

CVE-2021-23376: Package ffmpegdotjs allows arbitrary command executio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Veracode	Arbitrary Command Execution	19 Apr 202105:31	–	veracode
OSV	Command Injection in ffmpegdotjs	6 May 202115:55	–	osv
Cvelist	CVE-2021-23376 Arbitrary Command Injection	18 Apr 202118:40	–	cvelist
Prion	Design/Logic Flaw	18 Apr 202119:15	–	prion
Github Security Blog	Command Injection in ffmpegdotjs	6 May 202115:55	–	github
NVD	CVE-2021-23376	18 Apr 202119:15	–	nvd

Nvd

Node

ffmpegdotjs_project ffmpegdotjsnode.js

[
  {
    "product": "ffmpegdotjs",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
snyk	www.snyk.io/vuln/SNYK-JS-FFMPEGDOTJS-1078542
github	www.github.com/TRomesh/ffmpegdotjs/blob/b7395daf0bdcb81218340427eb7073cdd28462af/index.js%23L219

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Apr 2021 19:15Current

9.8High risk

Vulners AI Score9.8

CVSS27.5

CVSS39.8

EPSS0.00612

CWE-78