Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.8 views

CVE-2020-7672

mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User input provided to properties argument is executed by the eval function, resulting in code execution...

8.6CVSS7.1AI score0.01938EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2021/05/17 9:0 p.m.3 views

@enexus/ravepay (=1.3.0), @iykedapotential/flw-notifier (=0.0.6) +17 more potentially affected by CVE-2020-7672 via mosc (=1.0.0)

mosc NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mosc and may be impacted: - @enexus/ravepay =1.3.0 - @iykedapotential/flw-notifier =0.0.6 - @legobox/ravepay =1.3.0 - @waptik/ravepay-nodejs =1.2.1-1, =1.0.0, =1.0.0, =1.0.0, =1.0....

8.6CVSS7.2AI score0.01938EPSS
Exploits1
CVE
CVE
added 2020/06/10 3:36 p.m.56 views

CVE-2020-7672

CVE-2020-7672 affects the mosc package (mosc through 1.0.0). The vulnerability lies in user input passed to the properties argument, which is executed via eval, leading to arbitrary code execution. In practice, a crafted input can cause code execution in impacted environments (SNYK provides a Pro...

8.6CVSS8.7AI score0.01938EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/05 2:52 p.m.4 views

@enexus/ravepay (=1.3.0), @iykedapotential/flw-notifier (=0.0.6) +17 more potentially affected by CVE-2020-7672 via mosc (=1.0.0)

mosc NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mosc and may be impacted: - @enexus/ravepay =1.3.0 - @iykedapotential/flw-notifier =0.0.6 - @legobox/ravepay =1.3.0 - @waptik/ravepay-nodejs =1.2.1-1, =1.0.0, =1.0.0, =1.0.0, =1.0....

8.6CVSS7.2AI score0.01938EPSS
Exploits1
Rows per page
Query Builder