CVE-2019-10787

Published: Feb 4, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.

Vendor	Product	Versions
n/a	im-resize	affected `All versions`

References

https://snyk.io/vuln/SNYK-JS-IMRESIZE-544183

x_refsource_MISC

https://github.com/Turistforeningen/node-im-resize/commit/de624dacf6a50e39fe3472af1414d44937ce1f03

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-10787

Description

Affected Products

References