All vulnerabilities
CVE-2017-16042
Growl before 1.10.0 vulnerable to Command Injection
Description
Affected versions of growl do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.
Recommendation
Update to version 1.10.0 or later.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgrading
Score
9.8
Severity
Critical
Ecosystem
JavaScript
Publish Date
June 8, 2018
Modified Date
November 7, 2023
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Versions

