Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-0440 | Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization. If (attacker-controlled) user input is given to the mac_address_for function of the package, it is possible for the attacker to execute arbitrary commands on the operating system that this package is being run on. |
Github GHSA |
GHSA-vvh2-82c7-ppfg | network Arbitrary Command Injection vulnerability |
Sat, 04 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 17 Jun 2025 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: snyk
Published:
Updated: 2026-07-04T15:25:05.032Z
Reserved: 2023-12-22T12:33:20.118Z
Link: CVE-2024-21488
Updated: 2024-08-01T22:20:40.579Z
Status : Modified
Published: 2024-01-30T05:15:09.277
Modified: 2026-06-17T07:09:35.853
Link: CVE-2024-21488
No data.
OpenCVE Enrichment
No data.
EUVD
Github GHSA