View all vulnerabilities

CVE-2017-16042

Growl before 1.10.0 vulnerable to Command Injection

Affected versions of `growl` do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.## RecommendationUpdate to version 1.10.0 or later.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
9.8
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Versions
growl < 1.10.0
Severity
Ecosystem
JavaScript
Publish Date
June 8, 2018
Modified Date
November 7, 2023