Описание
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- PatchRelease NotesThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchRelease NotesThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.2.9 (исключая)
cpe:2.3:a:node-macaddress_project:node-macaddress:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 93%
0.11295
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 7 лет назад
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
CVSS3: 9.8
redhat
больше 7 лет назад
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
CVSS3: 9.8
debian
больше 7 лет назад
The macaddress module before 0.2.9 for Node.js is prone to an arbitrar ...
EPSS
Процентиль: 93%
0.11295
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78