Skip to main content

Morgan Json

1 CVEs product

Monthly

CVE-2022-25921 npm CRITICAL POC Act Now

All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Morgan Json
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Morgan Json
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy