CVE-2014-7192 in Node.jsinformation

Résumé

par MITRE

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

26/09/2014

Divulgation

11/12/2014

Modérer

accepté

Entrée

VDB-67717

CPE

prêt

Exploitation

Télécharger

EPSS

0.13441

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!