heroku-addonpool is vulnerable to remote code execution (RCE). The vulnerability exists because the parameter app
value can be controlled by the attacker by sending malicious code to execute in the function HerokuAddonPool
.
CPE | Name | Operator | Version |
---|---|---|---|
heroku-addonpool | le | 0.1.16 |