Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2021/05/06 6:27 p.m.6 views

@adobe/aem-site-template-builder (>=0.1.7 <=0.1.8), alexa-scripts (>=0.2.0 <=0.3.4) +4 more potentially affected by CVE-2020-7730 via bestzip (>=1.1.3 <=2.1.6)

bestzip NPM version =1.1.3, =0.1.7, =0.2.0, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.2 Source cves: CVE-2020-7730 Source advisory: OSV:GHSA-6XV6-JPVW-CX6Q...

9.8CVSS7.2AI score0.03145EPSS
Exploits0
OSV
OSV
added 2020/09/04 10:15 a.m.15 views

CVE-2020-7730

The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param...

9.8CVSS7.2AI score
Exploits0References2
CVE
CVE
added 2020/09/04 9:30 a.m.54 views

CVE-2020-7730

CVE-2020-7730 affects the npm package bestzip prior to version 2.1.7, which is vulnerable to Command Injection via the options parameter. The vulnerability is described across multiple sources (NVD/NVDC, OSV, GitHub advisories, and npm advisories) with a high-severity impact (CVSS v3.1: CRITICAL,...

9.8CVSS9.7AI score0.03145EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2020/09/02 2:8 p.m.5 views

@adobe/aem-site-template-builder (>=0.1.7 <=0.1.8), vulnerable-js (>=1.0.0 <=1.0.2) potentially affected by CVE-2020-7730 via bestzip (=2.1.6)

bestzip NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on bestzip and may be impacted: - @adobe/aem-site-template-builder =0.1.7, =1.0.0, =1.0.2 Source cves: CVE-2020-7730 Source advisory: SNYK:JS-BESTZIP-609371...

9.8CVSS7.2AI score0.03145EPSS
Exploits0
Rows per page
Query Builder