Описание
Code injection in @rkesters/gnuplot
@rkesters/gnuplot is an easy to use node module to draw charts using gnuplot and ps2pdf. The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
Пакеты
Наименование
@rkesters/gnuplot
npm
Затронутые версииВерсия исправления
< 0.1.1
0.1.1
Связанные уязвимости
CVSS3: 9.8
nvd
почти 5 лет назад
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.