npm package
jsreport
pkg:npm/jsreport
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-2583 | — | < 3.11.3 | 3.11.3 | May 8, 2023 | Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3. | ||
| CVE-2020-8128 | — | < 2.6.0 | 2.6.0 | Feb 14, 2020 | An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code. |
- CVE-2023-2583May 8, 2023affected < 3.11.3fixed 3.11.3
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3.
- CVE-2020-8128Feb 14, 2020affected < 2.6.0fixed 2.6.0
An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code.