2024-01-28 00:00:00
mitre
PUBLISHED
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the reports accuracy ... the configuration does not enable remote code execution.."