npm package
summit
pkg:npm/summit
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16020 | — | >= 0.1.0, <= 0.1.22 | — | Jun 4, 2018 | Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name. |
- CVE-2017-16020Jun 4, 2018affected >= 0.1.0, <= 0.1.22
Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name.