Описание
OS Command Injection in s3-uploader
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function.
Пакеты
Наименование
s3-uploader
npm
Затронутые версииВерсия исправления
<= 2.0.3
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 3 лет назад
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function.