5 matches found
@alisowski/homebridge-samsungtv-control (=2.0.2), @dustinblackman/homebridge-samsungtv-control (>=2.0.1 <=2.0.2) +2 more potentially affected by CVE-2020-7786 via macfromip (=1.1.1)
macfromip NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on macfromip and may be impacted: - @alisowski/homebridge-samsungtv-control =2.0.2 - @dustinblackman/homebridge-samsungtv-control =2.0.1, =2.0.0, =0.0.5, =0.2.7 Source cves:...
CVE-2020-7786
creationtimestamp| type| source ---|---|--- 2021-02-08 22:39:45+00:00| seen| https://t.me/cibsecurity/23247...
CVE-2020-7786 Command Injection
This affects all versions of package macfromip. The injection point is located in line 66 in macfromip.js...
CVE-2020-7786
CVE-2020-7786 affects all versions of the npm package macfromip. The vulnerability is a command injection at the injection point in macfromip.js (line 66; SNYK also notes lines 66 and 96 as vulnerable). Exploitation can occur via crafted input without authentication and can lead to remote code ex...
@alisowski/homebridge-samsungtv-control (=2.0.2), @dustinblackman/homebridge-samsungtv-control (>=2.0.1 <=2.0.2) +2 more potentially affected by CVE-2020-7786 via macfromip (=1.1.1)
macfromip NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on macfromip and may be impacted: - @alisowski/homebridge-samsungtv-control =2.0.2 - @dustinblackman/homebridge-samsungtv-control =2.0.1, =2.0.0, =0.0.5, =0.2.7 Source cves:...