karma-mojo is vulnerable to remote code execution (RCE). The attack exists because the argument config
in the function grep
can be manipulated by attacker using malicious code as it was not sanitized before execution.
CPE | Name | Operator | Version |
---|---|---|---|
karma-mojo | le | 1.1.0 |