CVE-2018-16462

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1550%

EPSS Percentile21.29th

Published2018年10月30日

Last Modified2024年11月21日

Vulnerability Description

A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.

Affected Platforms (CPE)

📦

Apex Publish Static Files Project

Apex Publish Static Files

< 2.0.1

References & Advisories

🔗 https://hackerone.com/reports/405694

相關漏洞威脅

CVE-2018-1716010.0

In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by b...

CVE-2018-1884310.0

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSR...

CVE-2018-1941710.0

An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH me...

CVE-2018-1381610.0

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 10...