npm package
im-resize
pkg:npm/im-resize
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10787 | — | <= 2.3.2 | — | Feb 4, 2020 | im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization. |
- CVE-2019-10787Feb 4, 2020affected <= 2.3.2
im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.