Pomelo
1 CVEs
product
Monthly
Pomelo v2.2.5 allows external control of critical state data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Pomelo
NVD
GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-18954
npm
EPSS 1%
CVSS 5.3
MEDIUM
POC
PATCH
This Month
Pomelo v2.2.5 allows external control of critical state data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Pomelo
NVD
GitHub