🕵️ CVE-2020-7597 | codecov-node up to 3.6.4 on npm Incomplete Fix CVE-2020-7596 lib/codecov.js exec gcov-root os command injection
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability was found in codecov-node up to 3.6.4 on npm and classified as critical. Affected by this issue is the function exec
in the library lib/codecov.js of the component Incomplete Fix CVE-2020-7596. The manipulation of the argument gcov-root as part of Argument leads to os command injection.
This vulnerability is handled as CVE-2020-7597. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component. ...
🔧 Gcov in MariaDB
📈 35.79 Punkte
🔧 Programmierung
⚠️ FusionPBX Command exec.php Command Execution
📈 24.26 Punkte
⚠️ PoC
🔧 npm toggle-beautify | my first npm package
📈 24.01 Punkte
🔧 Programmierung