Skip to main content

Hot Formula Parser

1 CVEs product

Monthly

CVE-2020-6836 npm CRITICAL PATCH Act Now

grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js RCE Code Injection Hot Formula Parser
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js RCE Code Injection +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy