npm package
morgan
pkg:npm/morgan
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5413 | — | < 1.9.1 | 1.9.1 | Mar 17, 2019 | An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. |
- CVE-2019-5413Mar 17, 2019affected < 1.9.1fixed 1.9.1
An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.