6 matches found
CVE-2023-2583
creationtimestamp| type| source ---|---|--- 2023-05-08 20:37:46+00:00| seen| https://t.me/cibsecurity/63450...
@karmalicious/nodejs-drivers (>=2.0.0 <=8.0.0), azupck (>=1.1.72 <=1.4.4) +13 more potentially affected by CVE-2023-2583 via jsreport (>=1.10.0 <=2.11.0)
jsreport NPM version =1.10.0, =2.0.0, =1.1.72, =1.0.28, =1.8.1, =1.0.1, =0.0.1, =1.0.0, =1.0.80, =1.1.36, =2.14.0, =2.30.0 Source cves: CVE-2023-2583 Source advisory: OSV:GHSA-G7RJ-Q722-245G...
CVE-2023-2583
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3...
CVE-2023-2583 Code Injection in jsreport/jsreport
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3...
CVE-2023-2583
CVE-2023-2583 affects jsreport/jsreport prior to 3.11.3. The root cause is a hardcoded vulnerable vm2 version in the jsreport-core package’s package.json, enabling code injection. Reported impact is code execution with high severity; in practice, exploitation appears tied to the vulnerable vm2 in...
CVE-2023-2583 Code Injection in jsreport/jsreport
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3...