SPA-asp.net-api-vuejs-
SPA-asp.net-api-vuejs- copied to clipboard
mubaidr
WS-2018-0113 High Severity Vulnerability detected by WhiteSource
WS-2018-0113 - High Severity Vulnerability
Vulnerable Library - macaddress-0.2.8.tgz
Get the MAC addresses (hardware addresses) of the hosts network interfaces.
path: /tmp/git/SPA-asp.net-api-vuejs-/MBO/node_modules/macaddress/package.json
Library home page: http://registry.npmjs.org/macaddress/-/macaddress-0.2.8.tgz
Dependency Hierarchy:
- css-loader-0.28.8.tgz (Root Library)
- cssnano-3.10.0.tgz
- postcss-filter-plugins-2.0.2.tgz
- uniqid-4.1.1.tgz
- :x: macaddress-0.2.8.tgz (Vulnerable Library)
- uniqid-4.1.1.tgz
- postcss-filter-plugins-2.0.2.tgz
- cssnano-3.10.0.tgz
Vulnerability Details
All versions of macaddress are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the iface argument to the one method.
Publish Date: 2018-05-16
URL: WS-2018-0113
CVSS 2 Score Details (10.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/654
Release Date: 2018-05-16
Fix Resolution: No fix is currently available for this vulnerability. It is our recommendation to not install or use this module until a fix is provided.
Step up your Open Source Security Game with WhiteSource here
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "Published by a pub.dev verified publisher"){kind=small}