6 matches found
CVE-2019-10801
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...
@luantm/strapi (=1.0.1), @mikermcneil/kit (>=1.1.2 <=1.3.12) +53 more potentially affected by CVE-2019-10801 via enpeem (>=0.1.1 <=2.2.0)
enpeem NPM version =0.1.1, =1.1.2, =0.10.2, =0.0.2, =0.0.1, =0.1.1, =0.6.3, =1.0.0, =0.0.10, =0.0.5, =0.0.19 and more Source cves: CVE-2019-10801 Source advisory: OSV:GHSA-HMW2-MVVH-JF5J...
CVE-2019-10801
creationtimestamp| type| source ---|---|--- 2020-02-29 00:33:06+00:00| seen| https://t.me/cibsecurity/10190...
CVE-2019-10801
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...
CVE-2019-10801
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...
CVE-2019-10801
CVE-2019-10801 affects enpeem up to version 2.2.0. The vulnerability arises because the options.dir parameter is passed directly to the exec function without sanitization, enabling potential remote command execution. Documented impact is arbitrary command execution with high/severe impact metrics...