CVE-2017-16042

Growl before 1.10.0 vulnerable to Command Injection

Description

Affected versions of growl do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.

Recommendation

Update to version 1.10.0 or later.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

June 8, 2018

Modified Date

November 7, 2023

Score Vector

Affected Versions