Cyber Security Center of the National Bank of Ukraine
Main Banks Non-banking financial sector Cyber fraud

CVE-2019-10783

All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input.

    Product

  • isof_project isof 0.0.4

Score

7.5

Source

http://nvd.nist.gov

Access-complexity

LOW

Access-vector

NETWORK