0.01 Low
EPSS
Percentile
83.3%
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1.
github.com/zamotany/logkitty/commit/ef2f673e25c629544dd3de6429999318447dd6bf
github.com/zamotany/logkitty/pull/18
hackerone.com/reports/825729
nvd.nist.gov/vuln/detail/CVE-2020-8149