Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:42 a.m.17 views

CVE-2019-10788

im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function...

9.8CVSS7.9AI score0.02415EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/11 4:21 p.m.28 views

Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities

Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-10795 DESCRIPTION: Node.js undefsafe module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a...

10CVSS2.1AI score0.03799EPSS
Exploits7Affected Software1
Cvelist
Cvelist
added 2020/02/04 8:6 p.m.47 views

CVE-2019-10788

im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function...

9.9AI score0.02415EPSS
Exploits1References2
CVE
CVE
added 2020/02/04 8:6 p.m.79 views

CVE-2019-10788

CVE-2019-10788 affects the im-metadata Node.js module (through version 3.0.1), enabling remote command execution via the exec argument due to improper validation of user-supplied input in metadata options. The incident is corroborated across multiple feeds (Red Hat, GHSA, OSV, NVD) and related ad...

9.8CVSS9.8AI score0.02415EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder