Critical severity vulnerability that affects dns-sync

2017-10-24T18:33:36
ID GHSA-Q5PQ-PGRV-FH89
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:01:59

Description

The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.