0.004 Low
EPSS
Percentile
75.0%
djv is vulnerable to arbitrary code execution. An attacker is able to execute arbitrary Javascript code on the host OS by controlling the schema file.
github.com/korzio/djv/blob/master/lib/utils/properties.js%23L55
github.com/korzio/djv/pull/98
github.com/korzio/djv/pull/98/files