CVE-2017-16042

Опубликовано: 04 июн. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was needed
cosmic	not-affected	1.10.5-2
devel	not-affected	1.10.5-2
disco	not-affected	1.10.5-2
eoan	not-affected	1.10.5-2
esm-apps/bionic	needed
esm-apps/focal	not-affected	1.10.5-2
esm-apps/jammy	not-affected	1.10.5-2
esm-apps/noble	not-affected	1.10.5-2

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%

0.00349

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-16042

CVSS3: 8.1

redhat

больше 9 лет назад

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.

CVE-2017-16042

CVSS3: 9.8

nvd

больше 7 лет назад

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.

CVE-2017-16042

CVSS3: 9.8

debian

больше 7 лет назад

Growl adds growl notification support to nodejs. Growl before 1.10.2 d ...

GHSA-qh2h-chj9-jffq

CVSS3: 9.8

github

больше 7 лет назад

Growl before 1.10.0 vulnerable to Command Injection

EPSS

Процентиль: 57%

0.00349

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2017-16042

Описание

Пакет node-growl

Ссылки на источники

Связанные уязвимости