Lucene search
PRIOn knowledge basePRION:CVE-2020-7795HistoryAug 02, 2022 - 2:15 p.m.
Command injection
2022-08-0214:15:00
PRIOn knowledge base
www.prio-n.com
3
The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js.
| CPE | Name | Operator | Version |
|---|---|---|---|
| get-npm-package-version | lt | 1.0.7 |
References
github.com/hoperyy/get-npm-package-version/blob/338a5882298eb2c2194538db41166cae13c39e03/index.js%23L17
github.com/hoperyy/get-npm-package-version/commit/40b1cf31a0607ea66f9e30a0c3af1383b52b2dec
security.snyk.io/vuln/SNYK-JS-GETNPMPACKAGEVERSION-1050390
www.npmjs.com/package/get-npm-package-version/v/1.0.6
Related
osv
osv
get-npm-package-version Command Injection vulnerability
2022-08-03 00:00:57
CVE-2020-7795
2022-08-02 14:15:09
cvelist
cvelist
CVE-2020-7795 Command Injection
2022-08-02 00:00:00
nvd
nvd
CVE-2020-7795
2022-08-02 14:15:09
github
github
get-npm-package-version Command Injection vulnerability
2022-08-03 00:00:57
veracode
veracode
Command Injection
2022-08-03 04:41:42
cve
cve
CVE-2020-7795
2022-08-02 14:15:09