Lucene search

[email protected]NVD:CVE-2020-19693

HistoryApr 04, 2023 - 3:15 p.m.

CVE-2020-19693

2023-04-0415:15:07

CWE-787

[email protected]

web.nvd.nist.gov

espruino

6ea4c0a

endpoint

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

58.9%

JSON

An issue found in Espruino Espruino 6ea4c0a allows an attacker to execute arbitrrary code via oldFunc parameter of the jswrap_object.c:jswrap_function_replacewith endpoint.

Affected configurations

Nvd

Node

espruinoespruinoMatch2019-06-28

VendorProductVersionCPE
espruinoespruino2019-06-28cpe:2.3:o:espruino:espruino:2019-06-28:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
espruino	espruino	2019-06-28	cpe:2.3:o:espruino:espruino:2019-06-28:::::::*

References

github.com/espruino/Espruino/issues/1684

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

58.9%

JSON

Related for NVD:CVE-2020-19693

cvelist1 cve1 prion1