← Back

Dnt

dnt

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Im Resize
im-resize
1 CVE
Im Metadata
im-metadata
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-10788
1Dnt
1Im Metadata
Nov 21, 2024
Feb 4, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function.
CVE-2019-10787
1Dnt
1Im Resize
Nov 21, 2024
Feb 4, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.