CVE-2020-28464

🗓️ 04 Jan 2021 12:12:15Reported by [email protected]Type

Affects djv package version 2.1.

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2020-28464	4 Jan 202112:15	–	cve
Veracode	Arbitrary Code Execution	5 Jan 202106:05	–	veracode
OSV	Arbitrary code execution in djv	13 Apr 202115:24	–	osv
Cvelist	CVE-2020-28464 Remote Code Execution (RCE)	4 Jan 202111:50	–	cvelist
Prion	Code injection	4 Jan 202112:15	–	prion
Github Security Blog	Arbitrary code execution in djv	13 Apr 202115:24	–	github

Nvd

Node

djv_project djvRange<2.1.4node.js

Source	Link
github	www.github.com/korzio/djv/blob/master/lib/utils/properties.js%23L55
snyk	www.snyk.io/vuln/SNYK-JS-DJV-1014545
github	www.github.com/korzio/djv/pull/98/files

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jan 2021 12:15Current

9.5High risk

Vulners AI Score9.5

CVSS210

CVSS39.8

EPSS0.00681

CWE-94