GHSA-mx3r-w3pj-7wv7

Опубликовано: 19 мар. 2021

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Command injection in wc-cmd

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2020-28431
https://snyk.io/vuln/SNYK-JS-WCCMD-1050423

Пакеты

Наименование

wc-cmd

npm

Затронутые версииВерсия исправления

<= 1.0.9

Отсутствует

9.8 Critical

CVSS3

CVE ID

CVE-2020-28431

Дефекты

CWE-77

Связанные уязвимости

CVE-2020-28431

nvd

почти 5 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

9.8 Critical

CVSS3

CVE ID

CVE-2020-28431

Дефекты

CWE-77