Nodejs Uploader
1 CVEs
product
Monthly
Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Node.js
Command Injection
Nodejs Uploader
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-7596
npm
EPSS 2%
CVSS 8.8
HIGH
POC
PATCH
This Week
Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Node.js
Command Injection
Nodejs Uploader
NVD