CVE-2019-10787

Summary

im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.

Affected Software

VendorProductVersion RangeStatus
n/aim-resizeAll versionsaffected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References