CVE-2020-7712
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in maven/org.webjars.npm/json
Identifiers
GHSA-3c6g-pvg8-gqw2, CVE-2020-7712
Package Slug
maven/org.webjars.npm/json
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
Affected Versions
All versions up to 9.0.6
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-01-27
| source |