Skip to main content

Node Dns Sync

1 CVEs product

Monthly

CVE-2020-11079 npm CRITICAL PATCH Act Now

node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Node.js RCE Code Injection Node Dns Sync
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Node.js RCE Code Injection +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy