domokeeper@0.0.2 vulnerabilities
domokeeper server: a pluggable domotic control server for Raspberry Pi 2/3
-
latest version
0.2.0
-
first published
7 years ago
-
latest version published
7 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the domokeeper package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
domokeeper is a pluggable domotic control server for Raspberry Pi 2/3. Affected versions of this package are vulnerable to Arbitrary Code Execution. How to fix Arbitrary Code Execution? There is no fixed version for |
>=0.0.0
|
domokeeper is a pluggable domotic control server for Raspberry Pi 2/3. Affected versions of this package are vulnerable to Arbitrary Code Execution. The path to required module is passed in an HTTP request without any sanitisation, thus making it possible to load code that was not intended to run on the server.
In addition, the fact that output of the module is passed to server response directly may cause information leakage. For example it is possible to read How to fix Arbitrary Code Execution? There is no fixed version for |
*
|