Skip to main content

Nick Chan Bot

1 CVEs product

Monthly

CVE-2020-5282 CRITICAL PATCH Act Now

In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Node.js Command Injection Nick Chan Bot
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Node.js Command Injection Nick Chan Bot
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy