This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2020-08-30T07:15:16.008893Z
Updated: 2024-09-17T02:46:56.982Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7712
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-08-30T08:15:11.900
Modified: 2024-11-21T05:37:39.673
Link: CVE-2020-7712
Redhat
No data.