Lucene search
SnykCVELIST:CVE-2020-7710HistoryAug 21, 2020 - 9:15 a.m.
CVE-2020-7710 Sandbox Escape
2020-08-2109:15:13
snyk
www.cve.org
4
cve-2020-7710
sandbox escape
safe-eval
arbitrary command execution
host machine
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
AI Score
9.7
Confidence
High
EPSS
0.008
Percentile
81.5%
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
CNA Affected
[
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
osv
osv
Sandbox Breakout / Arbitrary Code Execution in safe-eval
2020-08-25 23:40:53
veracode
veracode
Remote Code Execution (RCE)
2020-08-24 00:08:10
prion
prion
Command injection
2020-08-21 10:15:00
cve
cve
CVE-2020-7710
2020-08-21 10:15:11
github
github
Sandbox Breakout / Arbitrary Code Execution in safe-eval
2020-08-25 23:40:53
nvd
nvd
CVE-2020-7710
2020-08-21 10:15:11
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
AI Score
9.7
Confidence
High
EPSS
0.008
Percentile
81.5%
Related for CVELIST:CVE-2020-7710