5 matches found
CVE-2020-7633
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument...
apiconnect (>=1.0.1 <=4.0.29), apiconnect-cli-test-support (=3.0.0) +3 more potentially affected by CVE-2020-7633 via apiconnect-cli-plugins (>=1.1.1 <=5.0.1)
apiconnect-cli-plugins NPM version =1.1.1, =1.0.1, =1.1.6, =2.8.29, =1.0.5, =2.2.11 Source cves: CVE-2020-7633 Source advisory: OSV:GHSA-C9M9-48PW-6MPV...
CVE-2020-7633
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument...
CVE-2020-7633
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument...
CVE-2020-7633
CVE-2020-7633 affects the IBM API Connect plugin package apiconnect-cli-plugins up to version 6.0.1. The vulnerability is a Command Injection caused by lack of sanitization of the pluginUri parameter, enabling execution of arbitrary commands. Public references provide a PoC showing how an attacke...