5 matches found
EUVD-2021-0833
Malware in sbrugna...
@luantm/strapi (=1.0.1), @mikermcneil/kit (>=1.1.2 <=1.3.12) +53 more potentially affected by CVE-2019-10801 via enpeem (>=0.1.1 <=2.2.0)
enpeem NPM version =0.1.1, =1.1.2, =0.10.2, =0.0.2, =0.0.1, =0.1.1, =0.6.3, =1.0.0, =0.0.10, =0.0.5, =0.0.19 and more Source cves: CVE-2019-10801 Source advisory: OSV:GHSA-HMW2-MVVH-JF5J...
Enpeem Command Execution Vulnerability
Enpeem is a lightweight package for programmatically accessing NPM. A security vulnerability exists in Enpeem 2.2.0 and earlier versions, which originates when the program sends the 'options.dir' parameter directly to the 'exec' function without performing any cleanup operations. The vulnerabilit...
Design/Logic Flaw
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...
@luantm/strapi (=1.0.1), @mikermcneil/kit (>=1.1.2 <=1.3.12) +53 more potentially affected by CVE-2019-10801 via enpeem (>=0.1.1 <=2.2.0)
enpeem NPM version =0.1.1, =1.1.2, =0.10.2, =0.0.2, =0.0.1, =0.1.1, =0.6.3, =1.0.0, =0.0.10, =0.0.5, =0.0.19 and more Source cves: CVE-2019-10801 Source advisory: SNYK:JS-ENPEEM-559007...