Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 2:15 a.m.10 views

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

9.8CVSS7.2AI score0.01416EPSS
Exploits1References1
NVD
NVD
added 2022/07/28 5:15 p.m.18 views

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

9.8CVSS0.01416EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/07/28 4:33 p.m.19 views

CVE-2016-4991

Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....

9.7AI score0.01416EPSS
Exploits1References1
CVE
CVE
added 2022/07/28 4:33 p.m.46 views

CVE-2016-4991

CVE-2016-4991 affects the NodePDF tool, specifically version 1.3.0. The vulnerability arises because input passed to the Pdf() function is shell-escaped and handed to child_process.exec() during PDF rendering, and the escape does not encode all special characters (notably semicolon and curly brac...

9.8CVSS9.5AI score0.01416EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder