CVE-2018-13797

Опубликовано: 10 июл. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

Релиз	Статус	Примечание
artful	DNE
bionic	ignored	end of standard support, was needed
cosmic	not-affected	0.2.9-1
devel	not-affected	0.2.9-1
disco	not-affected	0.2.9-1
eoan	not-affected	0.2.9-1
esm-apps/bionic	needed
esm-apps/focal	not-affected	0.2.9-1
esm-apps/jammy	not-affected	0.2.9-1
esm-apps/noble	not-affected	0.2.9-1

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2018-13797

CVSS3: 9.8

redhat

больше 7 лет назад

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

CVE-2018-13797

CVSS3: 9.8

nvd

больше 7 лет назад

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

CVE-2018-13797

CVSS3: 9.8

debian

больше 7 лет назад

The macaddress module before 0.2.9 for Node.js is prone to an arbitrar ...

GHSA-pp57-mqmh-44h7

CVSS3: 9.8

github

больше 7 лет назад

Command Injection in macaddress

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2018-13797

Описание

Пакет node-macaddress

Ссылки на источники

Связанные уязвимости