EUVD-2020-0470

Malware in sbrugna...

CVE-2020-4066

In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95...

Limdu Operating System Command Injection Vulnerability

Limdu is a machine learning framework for Node.js by Erel Segal-Halevi Software Developers. An operating system command injection vulnerability exists in the 'trainBatch' function in versions of Limdu prior to 0.95. The vulnerability stems from a network system or product not properly filtering...

OS Command Injection

limdu is vulnerable to command injection. The vulnerability exists because it allows an attacker to inject malicious code via the function trainBatch in BinaryClassifierSet.js as it relies on shell execution, such as SVM Perf, SVM Linear or Adaboos...

CVE-2020-4066

In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95...

CVE-2020-4066

In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95...

Command injection

In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95...

CVE-2020-4066 Command Injection in Limdu trainBatch function

In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95...

CVE-2020-4066

Limdu prior to version 0.95 contains a command injection vulnerability in the trainBatch function. This affects users of Limdu’ s Node.js machine learning framework that rely on shell-executed components (e.g., SVM-related tools). The issue can enable an attacker to execute arbitrary OS commands ...

Command Injection in Limdu

Impact The trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. Patches Patched in version 0.9.5. Workarounds Do not use trainBatch with classifiers that rely o...

GHSA-77QV-GH6F-PGH4 Command Injection in Limdu

Impact The trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. Patches Patched in version 0.9.5. Workarounds Do not use trainBatch with classifiers that rely o...