Turistforeningen/node-im-metadata

Releases41

Frequency3 weeks 2 days

Last Release over 9 years ago

Stars3

Retrieve image metadata using ImageMagick's identify command

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-10788 ↗	Feb 4, 2020Tuesday, 4 February 2020, 21:15	9.8 CRITICAL	7.5 HIGH
im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function.