Heroku Addonpool
1 CVEs
product
Monthly
heroku-addonpool through 0.1.15 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Command Injection
Heroku Addonpool
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-7634
npm
EPSS 3%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
heroku-addonpool through 0.1.15 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Command Injection
Heroku Addonpool
NVD
GitHub