Skip to main content

Sketchsvg

1 CVEs product

Monthly

CVE-2023-26107 npm HIGH POC This Week

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Sketchsvg
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH POC This Week

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Sketchsvg
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy