जमा करें #850857: Node.js create-react-app 12.0.1 OS Command Injectionजानकारी

शीर्षकNode.js create-react-app 12.0.1 OS Command Injection
विवरणThe react-dev-utils package (v12.0.1) is vulnerable to OS Command Injection on macOS. The openBrowser API fails to properly sanitize URLs before passing them to a shell command via execSync, allowing an attacker to execute arbitrary commands if they can control the URL passed to the function. The vulnerability exists in openBrowser.js within the startBrowserProcess function. When running on macOS and targeting Google Chrome or a Chromium-based browser, the library uses child_process.execSync to execute an AppleScript: ``` // Located in react-dev-utils/openBrowser.js execSync( 'osascript openChrome.applescript "' + encodeURI(url) + '" "' + chromiumBrowser + '"', { cwd: __dirname, stdio: 'ignore', } ); ``` The code uses encodeURI(url) as a security filter. However, encodeURI does not escape characters that are significant in a shell environment, specifically \$, (, and ). Since the URL is interpolated into a double-quoted string and executed via /bin/sh, the shell expands command substitutions \$(...) or backticks before passing the result to osascript. Although the library was previously patched in v11.0.5 by moving to execFileSync, the dangerous execSync logic has reappeared in version 12.0.1.
स्रोत⚠️ https://github.com/react/create-react-app/issues/17269
उपयोगकर्ता
 Dremig (UID 95003)
सबमिशन07/06/2026 08:25 AM (29 दिन पहले)
संयम05/07/2026 09:11 PM (29 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि376396 [react create-react-app तक 5.0.1 पर macOS react-dev-utils openBrowser.js startBrowserProcess अधिकार वृद्धि]
अंक20

Might our Artificial Intelligence support you?

Check our Alexa App!