Количество 10
Количество 10
GHSA-fm6v-wmjp-5rxq
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.
CVE-2024-27980
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.
CVE-2024-27980
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.
CVE-2024-27980
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.
CVE-2024-27980
Due to the improper handling of batch files in child_process.spawn / c ...
BDU:2024-05853
Уязвимость функций child_process.spawn() и child_process.spawnSync() программной платформы Node.js операционных систем Windows, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольные команды
SUSE-SU-2024:2542-1
Security update for nodejs18
SUSE-SU-2024:2496-1
Security update for nodejs18
SUSE-SU-2024:2574-1
Security update for nodejs20
SUSE-SU-2024:2543-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-fm6v-wmjp-5rxq Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | CVSS3: 8.1 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-27980 Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | CVSS3: 8.1 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-27980 Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | 0% Низкий | больше 1 года назад | |
 | CVE-2024-27980 Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | CVSS3: 8.1 | 0% Низкий | 7 месяцев назад |
| CVE-2024-27980 Due to the improper handling of batch files in child_process.spawn / c ... | CVSS3: 8.1 | 0% Низкий | 7 месяцев назад |
 | BDU:2024-05853 Уязвимость функций child_process.spawn() и child_process.spawnSync() программной платформы Node.js операционных систем Windows, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольные команды | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:2542-1 Security update for nodejs18 | около 1 года назад | ||
| SUSE-SU-2024:2496-1 Security update for nodejs18 | около 1 года назад | ||
| SUSE-SU-2024:2574-1 Security update for nodejs20 | около 1 года назад | ||
| SUSE-SU-2024:2543-1 Security update for nodejs20 | около 1 года назад |
Уязвимостей на страницу