Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.12 views

CVE-2020-7602

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand" is called by "getDevices" function in file "linux/manager.js", which is required by the "index. process.env.NMCLI" in the file "linux/manager.js". This function is used to construct the argument of function...

9.8CVSS7AI score0.02534EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2021/05/07 4:16 p.m.5 views

sulu-file-system-view-prompt-here (>=1.0.2 <=1.0.4) potentially affected by CVE-2020-7602 via node-prompt-here (=1.0.1)

node-prompt-here NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on node-prompt-here and may be impacted: - sulu-file-system-view-prompt-here =1.0.2, =1.0.4 Source cves: CVE-2020-7602 Source advisory: OSV:GHSA-F8FH-8RGM-227H...

9.8CVSS7.2AI score0.02534EPSS
Exploits1
OSV
OSV
added 2020/03/15 10:15 p.m.11 views

CVE-2020-7602

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand" is called by "getDevices" function in file "linux/manager.js", which is required by the "index. process.env.NMCLI" in the file "linux/manager.js". This function is used to construct the argument of function...

9.8CVSS7AI score0.02534EPSS
Exploits1References1
NVD
NVD
added 2020/03/15 10:15 p.m.16 views

CVE-2020-7602

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand" is called by "getDevices" function in file "linux/manager.js", which is required by the "index. process.env.NMCLI" in the file "linux/manager.js". This function is used to construct the argument of function...

9.8CVSS9.5AI score0.02534EPSS
Exploits1References1
CVE
CVE
added 2020/03/15 9:26 p.m.49 views

CVE-2020-7602

CVE-2020-7602 relates to node-prompt-here up to version 1.0.1 where the runCommand() in linux/manager.js is invoked by getDevices(), which is tied to index.process.env.NM_CLI. The argument to execSync() is constructed unsafely and controllable by users, enabling arbitrary command execution (OS co...

9.8CVSS9.4AI score0.02534EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/03/15 9:26 p.m.17 views

CVE-2020-7602

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand" is called by "getDevices" function in file "linux/manager.js", which is required by the "index. process.env.NMCLI" in the file "linux/manager.js". This function is used to construct the argument of function...

9.6AI score0.02534EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2020/03/13 9:49 a.m.9 views

sulu-file-system-view-prompt-here (>=1.0.2 <=1.0.4) potentially affected by CVE-2020-7602 via node-prompt-here (=1.0.1)

node-prompt-here NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on node-prompt-here and may be impacted: - sulu-file-system-view-prompt-here =1.0.2, =1.0.4 Source cves: CVE-2020-7602 Source advisory: SNYK:JS-NODEPROMPTHERE-560115...

9.8CVSS7.2AI score0.02534EPSS
Exploits1
Rows per page
Query Builder