dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input.
Credit
Thanks to GitHub Engineer @erik-krogh (Erik Krogh Kristensen) for discovering and reporting this issue.
dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input.
Credit
Thanks to GitHub Engineer @erik-krogh (Erik Krogh Kristensen) for discovering and reporting this issue.