Privilege Escalation

app-builder-lib is vulnerable to Privilege escalation. The vulnerability is due to NSExec searching the current directory of the installer before searching the system's PATH when making a system call to open cmd.exe in the .nsh installer script. This flaw allows an attacker to exploit the situati...

@abcum/ember-app (>=0.1.0 <=0.12.0), @abcum/ember-contextmenu (>=3.0.5 <=4.0.1) +176 more potentially affected by CVE-2024-27303 via app-builder-lib (>=20.24.0 <=24.13.1)

app-builder-lib NPM version =20.24.0, =0.1.0, =3.0.5, =0.1.0, =1.0.0, =0.0.10, =0.0.1, =0.0.1-alpha.0, =0.0.1, =1.0.1, =1.0.1, =1.0.5, =0.0.24, =0.39.0, =1.17.0 and more Source cves: CVE-2024-27303 Source advisory: OSV:GHSA-R4PF-3V7R-HH55...