2 matches found
CVE-2022-29353
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename...
CVE-2022-29353
Affected software: Graphql-upload v13.0.0 (Node.js middleware). Vulnerable component: file upload module; root cause: arbitrary file upload via crafted filename enables code execution. Impact: remote code execution with high/critical severity indicators (network vector, no authentication; confide...