6 matches found
CVE-2020-11079
node-dns-sync npm module dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1...
CVE-2020-11079
creationtimestamp| type| source ---|---|--- 2020-05-28 22:55:28+00:00| seen| https://t.me/cibsecurity/12380 2026-06-08 10:21:08+00:00| seen| https://gist.github.com/moizxsec/c42bfada3bf659de639c1c1c2ff88abc...
CVE-2020-11079
node-dns-sync npm module dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1...
CVE-2020-11079
node-dns-sync npm module dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1...
@blitzbank/dashboard (>=0.0.1 <=0.0.2), @bloombox/js-client (=1.1.4) +22 more potentially affected by CVE-2020-11079 via dns-sync (=0.1.3)
dns-sync NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on dns-sync and may be impacted: - @blitzbank/dashboard =0.0.1, =0.1.0, =1.0.2, =1.0.1, =1.0.1, =2.2.37, =0.0.1, =0.2.24, =0.0.1, =1.0.0, =2.0.3 and more Source cves: CVE-2020-110...
CVE-2020-11079 command injection fix in node-dns-sync
node-dns-sync npm module dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1...