@cve-notifications.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

CVE Sentinel

cve-notifications.bsky.social

did:plc:fmpxu5qaccixyxvvyzsllshl

ID: CVE-2024-27980 CVSS V3.0: HIGH Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. #security #infosec #cve-alert https://nvd.nist.gov/vuln/detail/CVE-2024-27980

2025-01-09T01:15:55.749Z