Node Extend
1 CVEs
product
Monthly
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
RCE
Code Injection
Node Extend
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7673
npm
EPSS 3%
CVSS 9.8
CRITICAL
POC
Act Now
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
RCE
Code Injection
Node Extend
NVD