CVE-2014-7192 in Node.jsinformazioni

Riassunto

di MITRE

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

26/09/2014

Divulgazione

11/12/2014

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.13441

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!