Description
Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0.
Remediation
References
https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5
https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c
https://github.com/strapi/strapi/issues/12879
Related Vulnerabilities
CVE-2023-43642 Vulnerability in maven package org.xerial.snappy:snappy-java
CVE-2017-16211 Vulnerability in npm package lessindex
CVE-2021-21181 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-41713 Vulnerability in npm package deep-object-diff
CVE-2022-45868 Vulnerability in maven package com.h2database:h2