PT-2019-20036 · Npm · Command-Exists

Published

2019-06-03

·

Updated

2019-06-03

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions command-exists versions prior to 1.2.4
Description The issue allows for command injection, which can be exploited if user input is provided to the command-exists module.
Recommendations Update to version 1.2.4 or later.

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

GHSA-CFF4-RRQ6-H78W

Affected Products

Command-Exists