Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:35 a.m.4 views

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name...

9.8CVSS7.3AI score0.02693EPSS
Exploits1References1
NVD
NVD
added 2023/03/27 3:15 a.m.28 views

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name...

9.8CVSS9.8AI score0.02693EPSS
Exploits1References2
OSV
OSV
added 2023/03/27 3:15 a.m.12 views

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name...

9.8CVSS10AI score
Exploits0References2
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.36 views

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name...

9.8AI score0.02693EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.7 views

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name...

7.7AI score0.02693EPSS
Exploits1References2
CVE
CVE
added 2023/03/27 12:0 a.m.59 views

CVE-2018-25083

The CVE-2018-25083 issue affects the pullit package for Node.js, before version 1.4.0. The root cause is the use of eval on an attacker-supplied Git branch name, enabling OS command injection. Impact is high across confidentiality, integrity, and availability (per CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:...

9.8CVSS9.7AI score0.02693EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder