EUVD-2021-0830

Malware in sbrugna...

GHSA-H73G-8G27-XXCX Command injection in corenlp-js-prefab

This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.'...

Command injection in corenlp-js-prefab

This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.'...

Command Injection

corenlp-js-prefab is vulnerable to command injection. The vulnerability is possible via the main function...

CVE-2020-28439 Command Injection

This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:...

CVE-2020-28439

CVE-2020-28439 affects all versions of the npm package corenlp-js-prefab . The root cause is a dependency on the vulnerable corenlp-js-interface , with an injection point in the package’s index.js (line 10). Impact is command injection leading to potential arbitrary command execution when the mai...

Command Injection

Overview corenlp-js-prefab is a deprecated package. Uses corenlp-js-interface with a simple prefab function so you only have to send text no extra parameters with each call. Affected versions of this package are vulnerable to Command Injection via the main function. PoC var...

Noahdess Corenlp-js-prefab Command Injection Vulnerability

Noahdess Corenlp-js-prefab is a codebase for preprocessing text data written in JS by the Noahdess individual developer. A command injection vulnerability exists in Noahdess corenlp-js-prefab, which stems from an injection point located at line 10 in index.js. This depends on a vulnerable package...