Vulnerability	Vulnerable Version
M Arbitrary File Read macaddress is a library that gets the MAC addresses (hardware addresses) of the hosts network interfaces. Affected versions of this package are vulnerable to Arbitrary File Read. By prepending `../../..` to the "interface" name, this line of code can be asked read a file from anywhere on the filesystem as long as that file is named `address`. Note: This is relevant only for Linux OS implementation. How to fix Arbitrary File Read? Upgrade `macaddress` to version 0.4.3 or higher.	<0.4.3
C Arbitrary Command Injection macaddress Retrieve MAC addresses in Linux, OS X, and Windows. Affected versions of this package are vulnerable to Arbitrary Command Injection. An attacker could inject arbitrary shell commands if the user input can influence the `iface` argument. How to fix Arbitrary Command Injection? Upgrade `macaddress` to version 0.2.9 or higher.	<0.2.9

Arbitrary File Read

macaddress is a library that gets the MAC addresses (hardware addresses) of the hosts network interfaces.

Affected versions of this package are vulnerable to Arbitrary File Read. By prepending ../../.. to the "interface" name, this line of code can be asked read a file from anywhere on the filesystem as long as that file is named address.

Note: This is relevant only for Linux OS implementation.

How to fix Arbitrary File Read?

Upgrade macaddress to version 0.4.3 or higher.

<0.4.3

Arbitrary Command Injection

macaddress Retrieve MAC addresses in Linux, OS X, and Windows.

Affected versions of this package are vulnerable to Arbitrary Command Injection. An attacker could inject arbitrary shell commands if the user input can influence the iface argument.

How to fix Arbitrary Command Injection?

Upgrade macaddress to version 0.2.9 or higher.

<0.2.9

Go back to all versions of this package