4 matches found
OS Command Injection
priest-runner is vulnerable to OS command injection. The vulnerability exists as it passes unsanitized input into a spawn call through a POST request into PriestController.prototype.createChild...
GHSA-9PX9-F7JW-FWHJ Command Injection in priest-runner
All versions of priest-runner are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to a spawn call, which may allow attackers to execute arbitrary code in the system. The PriestController.prototype.createChild function is vulnerable since the spawn...
Command Injection in priest-runner
All versions of priest-runner are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to a spawn call, which may allow attackers to execute arbitrary code in the system. The PriestController.prototype.createChild function is vulnerable since the spawn...
Command Injection
Overview All versions of priest-runner are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to a spawn call, which may allow attackers to execute arbitrary code in the system. The PriestController.prototype.createChild function is vulnerable since the...