Moderate severity vulnerability that affects codem-transcode

2017-11-28T22:20:17
ID GHSA-RPH7-J9QR-H8Q8
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:00

Description

The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe.