Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dns-sync project dns-sync vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-16100
dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible.
Dns-sync Project Dns-sync
10
CVSSv2
CVE-2014-9682
The dns-sync module prior to 0.1.1 for node.js allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
Dns-sync Project Dns-sync
7.5
CVSSv2
CVE-2020-11079
node-dns-sync (npm module dns-sync) up to and including 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1.
Node-dns-sync Project Node-dns-sync
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started