11 matches found
EUVD-2022-6588
Malicious code in bioql PyPI...
GHSA-MRXV-PR4H-963Q image-tiler susceptible to command injection
A command injection vulnerability affects the package image-tiler before version 2.0.2...
image-tiler susceptible to command injection
A command injection vulnerability affects the package image-tiler before version 2.0.2...
Remote Code Execution (RCE)
Image-tiler is vulnerable to Remote Code Execution (RCE). The vulnerability lies in the tile function: if a developer allows unsanitized user input to the function, an attacker can inject arbitrary shell code which will be executed on the system...
CVE-2020-28451
This affects the package image-tiler before 2.0.2...
CVE-2020-28451
This affects the package image-tiler before 2.0.2...
Code injection
This affects the package image-tiler before 2.0.2...
CVE-2020-28451 Command Injection
This affects the package image-tiler before 2.0.2...
CVE-2020-28451
CVE-2020-28451 affects the npm package image-tiler prior to version 2.0.2. Multiple sources describe a command-injection vulnerability in this package, potentially enabling remote code execution when unsanitized input is processed (e.g., via the tile function). The issue is labeled as high severi...
PT-2022-8899 · Unknown · Image-Tiler
Name of the Vulnerable Software and Affected Versions: image-tiler versions prior to 2.0.2. Description: A command injection issue affects the package. Recommendations: For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue...
Command Injection
Overview: image-tiler is a package that creates zoom tile pyramids from a large image. There are other packages very similar to this one, but none did exactly what I needed, so I made mine. Affected versions of this package are vulnerable to Command Injection. PoC: var tile =...