EUVD-2016-5957

Malware in sbrugna...

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

CVE-2016-4991

CVE-2016-4991 affects the NodePDF tool, specifically version 1.3.0. The vulnerability arises because input passed to the Pdf() function is shell-escaped and handed to child_process.exec() during PDF rendering, and the escape does not encode all special characters (notably semicolon and curly brac...

NodePDF 命令注入漏洞

NodePDF is a PDF rendering tool based on Node.js. A security vulnerability exists in NodePDF version 1.3.0, which stems from the fact that during PDF rendering, input passed to the Pdf function is escaped by the shell and passed to childprocess.exec. However, shell escaping does not correctly...

PT-2022-7868 · Nodepdf · Nodepdf

Name of the Vulnerable Software and Affected Versions: nodepdf version 1.3.0 Description: The issue arises from the input passed to the Pdf function being shell escaped and then passed to child process.exec during PDF rendering. However, the shell escape fails to properly encode special character...