Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2021/06/08 11:15 p.m.64 views

Command Injection in @ronomon/opened

The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input...

10CVSS5.4AI score0.04508EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2021/05/24 4:15 p.m.17 views

CVE-2021-29300

The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input...

10CVSS0.04508EPSS
Exploits1References2
Prion
Prion
added 2021/05/24 4:15 p.m.15 views

Command injection

The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input...

10CVSS9.8AI score0.04508EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/05/24 3:42 p.m.56 views

CVE-2021-29300

Affected component: @ronomon/opened (Node.js library) prior to version 1.5.2. Root cause: The module is vulnerable to command injection when untrusted input is used to form commands that are executed, enabling an attacker to run arbitrary commands on the host. Impact: Remote code execution risk o...

10CVSS9.8AI score0.04508EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/05/24 12:0 a.m.4 views

ronomon 命令注入漏洞

ronomon is open source a fast and powerful encoder/decoder for RFC 2045 and RFC 2047. Used for buffers in pure Javascript with optional C ++ bindings. A command injection vulnerability exists in ronomon/opened library versions prior to 1.5.2, which can be exploited by remote attackers to execute...

10CVSS8.7AI score0.04508EPSS
Exploits1References3
Rows per page
Query Builder