Irisnet Crypto
1 CVEs
product
Monthly
In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Code Injection
RCE
Irisnet Crypto
NVD
GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-9115
npm
EPSS 2%
CVSS 9.8
CRITICAL
PATCH
Act Now
In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Code Injection
RCE
Irisnet Crypto
NVD
GitHub