Ecosyste.ms: Advisories
OS Command Injection in pulverizr
pulverizr through 0.7.0 allows execution of arbitrary commands. Within lib/job.js, the variable "filename" can be controlled by the attacker. The function uses "filename" to construct the argument of the exec call without any sanitization. In order to successfully exploit this vulnerability, an attacker will need to create a new file with the same name as the attack command.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtZjUtajVqOS05OXBw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: about 3 years ago
Updated: 8 months ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-fmf5-j5j9-99pp, CVE-2020-7604
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-7604
- https://snyk.io/vuln/SNYK-JS-PULVERIZR-560122
- https://github.com/bentruyman/pulverizr/blob/master/lib/job.js#L73
- https://github.com/advisories/GHSA-fmf5-j5j9-99pp
Blast Radius: 15.4
Affected Packages
npm:pulverizr
Dependent packages: 3
Dependent repositories: 37
Downloads: 2,459 last month
Affected Version Ranges: <= 0.7.0
No known fixed version
All affected versions: 0.7.0