Описание
BrowserStack Local vulnerable to Command Injection through logfile variable
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.
Пакеты
Наименование
browserstack-local
npm
Затронутые версииВерсия исправления
<= 1.5.8
Отсутствует
Связанные уязвимости
CVSS3: 7.8
nvd
10 дней назад
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.