5 matches found
CVE-2021-34084
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata function...
chhyun-utils (>=1.0.12 <=1.0.39), jotunheimr (>=1.11.0 <=1.12.1) potentially affected by CVE-2021-34084 via s3-uploader (>=1.1.0 <=2.0.3)
s3-uploader NPM version =1.1.0, =1.0.12, =1.11.0, =1.12.1 Source cves: CVE-2021-34084 Source advisory: OSV:GHSA-GWP3-F7MR-QPFV...
CVE-2021-34084
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata function...
CVE-2021-34084
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata function...
CVE-2021-34084
CVE-2021-34084 is an OS command injection vulnerability affecting Turistforeningen node-s3-uploader up to version 2.0.3 for Node.js. The issue arises in the getMetadata/metadata() flow where untrusted input can be used to construct OS commands, enabling an attacker to execute arbitrary commands o...