4 matches found
CVE-2023-26129
All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...
CVE-2023-26129
CVE-2023-26129 affects the node package bwm-ng . The vulnerability is a Command Injection due to improper input sanitization in the check function of the bwm-ng.js file. Exploitation requires the attacker to run Node.js code in the target environment (local access); no user interaction is needed ...
CVE-2023-26129
All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...
conkie (=0.0.1) potentially affected by CVE-2023-26129 via bwm-ng (=0.1.1)
bwm-ng NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on bwm-ng and may be impacted: - conkie =0.0.1 Source cves: CVE-2023-26129 Source advisory: SNYK:JS-BWMNG-3175876...