Node Rules
1 CVEs
product
Monthly
node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
RCE
Code Injection
Node Rules
NVD
GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-7609
npm
EPSS 2%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
RCE
Code Injection
Node Rules
NVD
GitHub