Skip to main content

Pomelo

1 CVEs product

Monthly

CVE-2019-18954 npm MEDIUM POC PATCH This Month

Pomelo v2.2.5 allows external control of critical state data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pomelo
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Pomelo v2.2.5 allows external control of critical state data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pomelo
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy