6 matches found
EUVD-2018-0740
Malware in sbrugna...
Command Injection in apex-publish-static-files
Versions of apex-publish-static-files before 2.0.1 are vulnerable to command injection. This is exploitable if user input is passed into the connectString option in the publish method. Recommendation Update to version 2.0.1 or later...
GHSA-9JM3-5835-537M Command Injection in apex-publish-static-files
Versions of apex-publish-static-files before 2.0.1 are vulnerable to command injection. This is exploitable if user input is passed into the connectString option in the publish method. Recommendation Update to version 2.0.1 or later...
Command Injection
Overview Versions of apex-publish-static-files before 2.0.1 are vulnerable to command injection. This is exploitable if user input is passed into the connectString option in the publish method. Recommendation Update to version 2.0.1 or later. References - HackerOne Report - security-wg - GitHub...
Command injection
A command injection vulnerability in the apex-publish-static-files npm module version 2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument...
CVE-2018-16462
The CVE-2018-16462 entry concerns the npm package apex-publish-static-files. Affected versions are those before 2.0.1, where user-supplied input can trigger a command injection, enabling arbitrary shell command execution. Several connected sources corroborate this: the NVD entry describes a comma...