• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2020-7738

February 26, 2023 by

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

CVE-2020-7742

February 26, 2023 by

This affects the package simpl-schema before 1.10.2.

CVE-2020-7754

February 26, 2023 by

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.

CVE-2020-7761

February 26, 2023 by

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails.

CVE-2020-7765

February 26, 2023 by

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.

CVE-2020-7677

February 26, 2023 by

This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 510
  • Go to page 511
  • Go to page 512
  • Go to page 513
  • Go to page 514
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE