Vulnerabilities > CVE-2021-33360 - Unspecified vulnerability in Stoqey Gnuplot
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, child_process, and/or filePath parameter(s).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- https://advisory.checkmarx.net/advisory/CX-2021-4811/
- https://advisory.checkmarx.net/advisory/CX-2021-4811/
- https://github.com/stoqey/gnuplot/blob/cd76060a15f58348baeef1c5fd867ce856515949/src/index.ts#L211-L217
- https://github.com/stoqey/gnuplot/blob/cd76060a15f58348baeef1c5fd867ce856515949/src/index.ts#L211-L217