This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: snyk
Published: 2020-08-30T00:00:00
Updated: 2022-07-25T16:23:56
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7712
JSON object: View
NVD Information
Status : Modified
Published: 2020-08-30T08:15:11.900
Modified: 2023-11-07T03:26:11.033
Link: CVE-2020-7712
JSON object: View
Redhat Information
No data.
CWE