This affects the package json prior to 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
joyent json |
||
oracle commerce guided search 11.3.2 |
||
oracle timesten in-memory database |
||
oracle financial services regulatory reporting with agilereporter 8.0.9.6.3 |
||
oracle financial services crime and compliance management studio 8.0.8.2.0 |
||
oracle financial services crime and compliance management studio 8.0.8.3.0 |