Affected versions of
growl do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.
Update to version 1.10.2 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedJul 5th, 2017
reportedInitial report by Cristian-Alexandru StaicuSep 6th, 2016