← Back

Install Package Project

install-package_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Install Package
install-package
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7629
1Install Package Project
1Install Package
Nov 21, 2024
Apr 2, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.
CVE-2020-7628
2Install Package Project
Umount Project
2Install Package
Umount
Nov 21, 2024
Apr 2, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization.