Description
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument.
Remediation
References
https://openbase.io/js/apiconnect-cli-plugins
https://snyk.io/vuln/SNYK-JS-APICONNECTCLIPLUGINS-564427
Related Vulnerabilities
CVE-2018-8032 Vulnerability in maven package org.apache.axis:axis
CVE-2022-2191 Vulnerability in maven package org.eclipse.jetty:jetty-server
CVE-2020-15366 Vulnerability in maven package org.webjars.bowergithub.epoberezkin:ajv
CVE-2020-27216 Vulnerability in maven package org.mortbay.jetty:jetty
CVE-2015-7940 Vulnerability in maven package org.bouncycastle:bcprov-jdk15