Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2023/05/27 5:0 a.m.30 views

CVE-2023-26129

All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...

8.4CVSS8.9AI score0.01005EPSS
Exploits1References1
CVE
CVE
added 2023/05/27 5:0 a.m.44 views

CVE-2023-26129

CVE-2023-26129 affects the node package bwm-ng . The vulnerability is a Command Injection due to improper input sanitization in the check function of the bwm-ng.js file. Exploitation requires the attacker to run Node.js code in the target environment (local access); no user interaction is needed ...

8.4CVSS7.8AI score0.01005EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2023/05/27 5:0 a.m.22 views

CVE-2023-26129

All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...

8.4CVSS8.2AI score0.01005EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/12/20 10:0 a.m.5 views

conkie (=0.0.1) potentially affected by CVE-2023-26129 via bwm-ng (=0.1.1)

bwm-ng NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on bwm-ng and may be impacted: - conkie =0.0.1 Source cves: CVE-2023-26129 Source advisory: SNYK:JS-BWMNG-3175876...

8.4CVSS7.1AI score0.01005EPSS
Exploits1
Rows per page
Query Builder