Identifier

CVE-2020-7738

Package Slug

npm/shiba

Vulnerability

Code Injection

Description

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement, safeLoad().

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-10-07

source