3 matches found
org.webjars.npm:launch-editor-middleware (=2.2.1) potentially affected by CVE-2024-52011 via org.webjars.npm:launch-editor (=2.2.1)
org.webjars.npm:launch-editor MAVEN version =2.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:launch-editor and may be impacted: - org.webjars.npm:launch-editor-middleware =2.2.1 Source cves: CVE-2024-52011 Source advisory:...
CVE-2024-52011
A flaw was found in launch-editor, a tool that allows users to open files with line numbers in an editor from Node.js. Due to insufficient sanitization of the file argument in the launchEditor function, an attacker can execute arbitrary commands on Windows systems by supplying a filename that...
CVE-2024-52011
launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the file argument in the launchEditor, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters...