5 matches found
CVE-2020-28425
creationtimestamp| type| source ---|---|--- 2022-08-02 18:17:58+00:00| seen| https://t.me/cibsecurity/47413...
CVE-2020-28425
This affects all versions of package curljs...
CVE-2020-28425
Curljs is affected by a Command Injection vulnerability that affects all versions. The root cause is lack of input sanitization, allowing an attacker-supplied argument to inject OS commands. Reported exploit evidence includes a PoC showing arbitrary command execution, and multiple sources confirm...
CVE-2020-28425 Command Injection
This affects all versions of package curljs...
ca-reservoir-status (=1.0.0) potentially affected by CVE-2020-28425 via curljs (=0.1.2)
curljs NPM version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on curljs and may be impacted: - ca-reservoir-status =1.0.0 Source cves: CVE-2020-28425 Source advisory: SNYK:JS-CURLJS-1050404...