6 matches found
CVE-2024-52011 vulnerabilities
Vulnerabilities for packages: langfuse-fips, langfuse...
-react-file-list-components (=1.1.1), 01basicreact (>=0.1.0 <=0.1.9) +25718 more potentially affected by CVE-2024-52011 via launch-editor (>=2.10.0 <=2.8.2)
launch-editor NPM version =2.10.0, =0.1.0, =1.0.0, =0.1.0, =0.1.6 - 0beny1s =1.1.6 - 0scarclassa =1.0.1 - 0scarclassb =1.0.1 - 0scarclassc =1.0.1 - 0scarclassd =1.0.1 - 0scarclasse =1.0.1 - 0scarclassf =1.0.1 - 0scarclassg =1.0.1 - 0scarclassh =1.0.1 - 0scarclassi =1.0.1 - 0scarclassj =1.0.1 and...
org.webjars.npm:launch-editor-middleware (=2.2.1) potentially affected by CVE-2024-52011 via org.webjars.npm:launch-editor (=2.2.1)
org.webjars.npm:launch-editor MAVEN version =2.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:launch-editor and may be impacted: - org.webjars.npm:launch-editor-middleware =2.2.1 Source cves: CVE-2024-52011 Source advisory:...
SUSE CVE-2024-52011
launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the file argument in the launchEditor, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters...
CVE-2024-52011
A flaw was found in launch-editor, a tool that allows users to open files with line numbers in an editor from Node.js. Due to insufficient sanitization of the file argument in the launchEditor function, an attacker can execute arbitrary commands on Windows systems by supplying a filename that...
CVE-2024-52011
launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the file argument in the launchEditor, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters...