2 matches found
CVE-2021-23352
creationtimestamp| type| source ---|---|--- 2021-03-09 22:52:07+00:00| seen| https://t.me/cibsecurity/24656 2021-03-12 23:01:49+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-753c-phhg-cj29...
CVE-2021-23352 Command Injection
This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image, .svg or .dot functions are called, is executed by the childprocess.exec function...