Lucene search
SnykCVELIST:CVE-2020-7785HistoryFeb 08, 2021 - 6:25 p.m.
CVE-2020-7785 Command Injection
2021-02-0818:25:24
snyk
www.cve.org
5
vulnerability
package node-ps
injection point
lib/index.js
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.025
Percentile
90.2%
This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js.
CNA Affected
[
{
"product": "node-ps",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
OS Command Injection
2021-02-09 07:13:18
prion
prion
Code injection
2021-02-08 19:15:00
nvd
nvd
CVE-2020-7785
2021-02-08 19:15:14
osv
osv
Command injection in node-ps
2021-03-19 21:21:06
github
github
Command injection in node-ps
2021-03-19 21:21:06
cve
cve
CVE-2020-7785
2021-02-08 19:15:14
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.025
Percentile
90.2%
Related for CVELIST:CVE-2020-7785