RSS   Vulnerabilities for 'Devcert-sanscache'   RSS

2020-01-08
 
CVE-2019-10778

CWE-78
 

 
devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable `commonName` controlled by user input is used as part of the `exec` function without any sanitization.

 


Copyright 2024, cxsecurity.com

 

Back to Top