Lucene search
+L

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0979

Malware in sbrugna...

9.8CVSS9.3AI score0.03145EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/05/06 6:27 p.m.6 views

@adobe/aem-site-template-builder (>=0.1.7 <=0.1.8), alexa-scripts (>=0.2.0 <=0.3.4) +4 more potentially affected by CVE-2020-7730 via bestzip (>=1.1.3 <=2.1.6)

bestzip NPM version =1.1.3, =0.1.7, =0.2.0, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.2 Source cves: CVE-2020-7730 Source advisory: OSV:GHSA-6XV6-JPVW-CX6Q...

9.8CVSS7.2AI score0.03145EPSS
Exploits0
NVD
NVD
added 2020/09/04 10:15 a.m.17 views

CVE-2020-7730

The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param...

9.8CVSS9.8AI score0.03145EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2020/09/02 3:5 p.m.8 views

@adobe/aem-site-template-builder (>=0.1.7 <=0.1.8), alexa-scripts (>=0.2.0 <=0.3.4) +4 more potentially affected by unknown CVE via bestzip (>=1.1.3 <=2.1.6)

bestzip NPM version =1.1.3, =0.1.7, =0.2.0, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.2 Source cves: unknown CVE Source advisory: OSV:GHSA-4QQC-MP5F-CCV4...

5.8AI score
Exploits0
OSV
OSV
added 2020/09/02 3:5 p.m.3 views

GHSA-4QQC-MP5F-CCV4 Command Injection in bestzip

Versions of bestzip prior to 2.1.7 are vulnerable to Command Injection. The package fails to sanitize input rules and passes it directly to an exec call on the zip function . This may allow attackers to execute arbitrary code in the system as long as the values of destination is user-controlled...

6.2AI score
Exploits0References1
Rows per page
Query Builder