Lucene search
+L

4 matches found

vulnersOsv
vulnersOsv
added 2022/07/26 12:1 a.m.5 views

bear (=0.1.0), proud-badge (>=0.0.1 <=0.0.5) +1 more potentially affected by CVE-2020-28438 via deferred-exec (=0.3.1)

deferred-exec NPM version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on deferred-exec and may be impacted: - bear =0.1.0 - proud-badge =0.0.1, =0.0.1, =0.0.4 Source cves: CVE-2020-28438 Source advisory: OSV:GHSA-54W4-2F2P-F48H...

9.8CVSS7.2AI score0.01112EPSS
Exploits1
Cvelist
Cvelist
added 2022/07/25 2:5 p.m.22 views

CVE-2020-28438 Command Injection

This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js...

9.8CVSS9.7AI score0.01112EPSS
Exploits1References1
CVE
CVE
added 2022/07/25 2:5 p.m.47 views

CVE-2020-28438

CVE-2020-28438 affects all versions of the npm package deferred-exec. The vulnerability is a command injection in the deferred-exec.js file, with the injection point at line 42 in lib/deferred-exec.js. Multiple sources describe the issue as a command injection affecting the package, without detai...

9.8CVSS9.7AI score0.01112EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2021/01/26 10:22 a.m.4 views

bear (=0.1.0), proud-badge (>=0.0.1 <=0.0.5) +1 more potentially affected by CVE-2020-28438 via deferred-exec (=0.3.1)

deferred-exec NPM version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on deferred-exec and may be impacted: - bear =0.1.0 - proud-badge =0.0.1, =0.0.1, =0.0.4 Source cves: CVE-2020-28438 Source advisory: SNYK:JS-DEFERREDEXEC-1050433...

9.8CVSS7.2AI score0.01112EPSS
Exploits1
Rows per page
Query Builder