What the vulnerability does

01Description

A code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input.

Key dates

02Disclosure timeline

December 18, 2019 CVE published
August 5, 2024 Record updated