Lucene search
SnykCVELIST:CVE-2020-7673HistoryJun 10, 2020 - 3:36 p.m.
CVE-2020-7673
2020-06-1015:36:01
snyk
www.cve.org
1
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend function(A,B,as,isAargs) located within lib/extend.js is executed by the eval function, resulting in code execution.
CNA Affected
[
{
"product": "node-extend",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions including 0.2.0"
}
]
}
]References
Related
veracode
veracode
Arbitrary Code Execution
2020-06-11 07:01:26
prion
prion
Remote code execution
2020-06-10 16:15:00
nvd
nvd
CVE-2020-7673
2020-06-10 16:15:10
checkpoint_advisories
checkpoint_advisories
Node.js Node Extend Remote Code Execution (CVE-2020-7673)
2020-06-28 00:00:00
debiancve
debiancve
CVE-2020-7673
2020-06-10 16:15:10
osv
osv
Code Injection in node-extend
2021-05-17 21:00:37
github
github
Code Injection in node-extend
2021-05-17 21:00:37
cve
cve
CVE-2020-7673
2020-06-10 16:15:10