Geojson2kml

geojson2kml

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-28429 1Geojson2kml Project 1Geojson2kml Nov 21, 2024 Feb 23, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU",function(){})