Lucene search
+L

4 matches found

alpinelinux
alpinelinux
added 2023/05/27 5:0 a.m.17 views

CVE-2023-26129

All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...

8.4CVSS8.2AI score0.01005EPSS
Exploits1References1
cve
cve
added 2023/05/27 5:0 a.m.43 views

CVE-2023-26129

CVE-2023-26129 affects the node package bwm-ng . The vulnerability is a Command Injection due to improper input sanitization in the check function of the bwm-ng.js file. Exploitation requires the attacker to run Node.js code in the target environment (local access); no user interaction is needed ...

8.4CVSS7.8AI score0.01005EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2023/05/27 5:0 a.m.28 views

CVE-2023-26129

All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within t...

8.4CVSS8.9AI score0.01005EPSS
Exploits1References1
vulnersosv
vulnersosv
added 2022/12/20 10:0 a.m.5 views

conkie (=0.0.1) potentially affected by CVE-2023-26129 via bwm-ng (=0.1.1)

bwm-ng NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on bwm-ng and may be impacted: - conkie =0.0.1 Source cves: CVE-2023-26129 Source advisory: SNYK:JS-BWMNG-3175876...

8.4CVSS7.1AI score0.01005EPSS
Exploits1
Rows per page
Query Builder