3 matches found
@cpomelo/pomelo (=2.2.7), @linix01/pomelo (=2.2.9) +54 more potentially affected by CVE-2020-7620 via pomelo-monitor (>=0.3.5 <=0.3.7)
pomelo-monitor NPM version =0.3.5, =2.2.5, =1.0.0, =2.2.5, =0.0.1, =0.0.1, =1.0.1, =0.1.0, =2.2.6, =0.0.1, =0.1.0 and more Source cves: CVE-2020-7620 Source advisory: OSV:GHSA-4J54-MXF6-WXX2...
CVE-2020-7620
pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params...
CVE-2020-7620
CVE-2020-7620 affects pomelo-monitor up to version 0.3.7. The vulnerability allows command injection through parameters passed to pomelo-monitor, enabling an attacker to execute arbitrary commands. CVSS data indicate a NETWORK, low complexity, no authentication, with high confidentiality, integri...