← Back

Npm Programmatic Project

npm-programmatic_project

1 CVE • 1 product

Products (1)

Click to collapse
Toggle
Npm Programmatic
npm-programmatic
1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7614
1Npm Programmatic Project
1Npm Programmatic
Nov 21, 2024
Apr 7, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly.