Node Df
1 CVEs
product
Monthly
A code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Code Injection
RCE
Node Df
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2019-15597
npm
EPSS 3%
CVSS 9.8
CRITICAL
Act Now
A code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Code Injection
RCE
Node Df
NVD