Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Picotts
(Picotts_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-18 | CVE-2021-23378 | This affects all versions of package picotts. If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | Picotts | 9.8 |