5 matches found
CVE-2019-10791
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...
Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities
Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-10795 DESCRIPTION: Node.js undefsafe module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a...
CVE-2019-10791
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...
CVE-2019-10791
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...
CVE-2019-10791
The CVE-2019-10791 issue affects the Node.js module promise-probe. The root cause is lack of sanitization in the file, outputFile and options functions, enabling remote command injection when untrusted input is used. Public references from Red Hat, GHSA, OSV, and Snyk corroborate a severe impact ...