CVE-2021-23352 in madgeinformación

Resumen

por MITRE • 2021-03-10

This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

Snyk

Reservar

2021-01-08

Divulgación

2021-03-10

Moderación

aceptado

Artículo

VDB-170889

CPE

listo

EPSS

0.02057

KEV

no

Actividades

muy bajo

Fuentes

Do you know our Splunk app?

Download it now for free!