CVE-2019-15597

CVE-2019-15597 affects the Node.js wrapper package node-df (v0.1.4). The root cause is unsanitized user input being concatenated into a shell command that is executed, enabling an attacker to perform remote code execution (RCE). Several sources explicitly state that all versions are vulnerable du...