10 matches found
CVE-2021-32830
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
Command injection in @diez/generation
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
@diez/extractors (>=10.0.0 <=10.6.0-beta.1), @diez/sources (>=10.0.0-alpha.0 <=10.0.0-beta.4) +1 more potentially affected by CVE-2021-32830 via @diez/generation (=10.6.0)
@diez/generation NPM version =10.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on @diez/generation and may be impacted: - @diez/extractors =10.0.0, =10.0.0-alpha.0, =10.0.0-beta.4 - diez =10.0.0-alpha.0 Source cves: CVE-2021-32830 Source advisory:...
GHSA-8C3F-X5F9-6H62 Command injection in @diez/generation
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
CVE-2021-32830
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
CVE-2021-32830
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
Command injection
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
CVE-2021-32830
The CVE-2021-32830 entry concerns the @diez/generation npm package, where the locateFont method contains a command injection vulnerability. The vulnerability can lead to remote code execution if untrusted input is passed to the vulnerable method. All versions are reported as vulnerable in the CVE...
CVE-2021-32830
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead...
diez-de.su XSS vulnerability
Vulnerable URL: http://diez-de.su/poisk.php?a=0categories=%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3B%3C%2Fscript%3E=%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3B%3C%2Fscript%3E=%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3B%3C%2Fscript%3E Details: Description| Value ---|--- Patched:| No Latest check for patch...