Skip to main content

Bestzip

1 CVEs product

Monthly

CVE-2020-7730 npm CRITICAL PATCH Act Now

The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Bestzip
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Bestzip
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy