VYPR
High severityNVD Advisory· Published Aug 30, 2020· Updated Sep 17, 2024

Command Injection

CVE-2020-7712

Description

This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
jsonnpm
< 10.0.010.0.0
org.webjars.npm:jsonMaven
<= 9.0.6

Affected products

115

Patches

Vulnerability mechanics

References

39

News mentions

0

No linked articles in our index yet.