CVE-2019-10801

CVE-2019-10801

EPSS 2.8%

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/balderdashy/enpeem/blob/master/index.js#L114 https://snyk.io/vuln/SNYK-JS-ENPEEM-559007