3 matches found
CVE-2020-28423
This affects all versions of package monorepo-build...
Information disclosure
This affects all versions of package monorepo-build...
CVE-2020-28423
CVE-2020-28423 affects all versions of the npm package monorepo-build. The connected sources describe a command-injection vulnerability in the package (notably in the publish function) with PoC examples showing how arguments can inject and execute arbitrary commands. Exploitation details are prov...