Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0290

Malware in sbrugna...

8.8CVSS9.1AI score0.02918EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 3:10 p.m.8 views

CVE-2020-7596

Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument...

8.8CVSS7.5AI score0.01859EPSS
Exploits1References1
OSV
OSV
added 2020/02/19 5:29 p.m.16 views

GHSA-5Q88-CJFQ-G2MH codecov NPM module allows remote attackers to execute arbitrary commands

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596...

8.8CVSS8.8AI score0.03805EPSS
Exploits2References3
Veracode
Veracode
added 2020/02/18 3:57 a.m.17 views

Remote Code Execution (RCE)

codecov is vulnerable to remote code execution RCE. Due to an incomplete fix of CVE-2020-7596, the gcov-root and ather parameters are not sanitized properly and being executed in the exe function of lib/codecov.js, allowing an attacker to trigger RCE...

8.8CVSS6.5AI score0.02918EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2020/02/17 7:15 p.m.31 views

CVE-2020-7597

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596...

8.8CVSS9.3AI score0.02918EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/02/17 6:48 p.m.41 views

CVE-2020-7597

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596...

9.3AI score0.02918EPSS
Exploits1References2
CVE
CVE
added 2020/01/25 6:8 p.m.129 views

CVE-2020-7596

CVE-2020-7596 affects the codecov-node npm module and its code path that processes the gcov-args/gcov-root argument. Multiple connected sources confirm that codecov-node prior to 3.6.5 (and originally up to 3.6.2 for the core CVE-2020-7596 fix) allows remote attackers to execute arbitrary command...

8.8CVSS8.9AI score0.01859EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2020/01/08 11:3 a.m.4 views

@dpjayasekara/tscore (>=0.0.1 <=0.1.1), @futagoza/dev (=0.0.0) +14 more potentially affected by CVE-2020-7596 via codecov (>=3.0.0 <=3.6.1)

codecov NPM version =3.0.0, =0.0.1, =0.0.29, =1.0.10, =1.0.18, =1.0.0, =1.7.0, =1.0.1, =1.0.8, =1.17.0, =1.15.3, =3.0.0, =1.0.14, =4.4.1-beta.1, =6.0.0-beta.0 and more Source cves: CVE-2020-7596 Source advisory: SNYK:JS-CODECOV-543183...

8.8CVSS7.2AI score0.01859EPSS
Exploits1
Rows per page
Query Builder