CVE-2020-7712

ADVISORY - github

Summary

This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.

EPSS Score⁠: 0.0039 (0.593)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADVISORY - github

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Impacted images

Advisories

NIST

CREATED

5 years ago

UPDATED

11 months ago

ADVISORY IDCVE-2020-7712⁠

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-78⁠

CVSS SCORE

7.2high

GitHub

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY IDGHSA-3c6g-pvg8-gqw2⁠

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-78⁠

CVSS SCORE

7.2high

GitLab

CREATED

5 years ago

UPDATED

3 years ago

ADVISORY ID

CVE-2020-7712

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-78⁠CWE-937⁠

CVSS SCORE

7.2high

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-2p2j-g87h-g5xm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-345v-hqm5-8xrc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 days ago

UPDATED

2 days ago

ADVISORY ID

CGA-3mfg-wvqc-fpmg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 days ago

UPDATED

2 days ago

ADVISORY ID

CGA-5qqf-7w63-hx25

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-5w76-g2h7-gxrp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY ID

CGA-622m-m68m-7ggq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-6wg9-3j64-f8wj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-7w42-m96m-c6jg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-8x6f-5w3r-h5hx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-947x-3r27-rcjq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-96gq-cggr-xh2v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-9vv8-g8g6-h76r

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-c2h3-p9mm-56pm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-chrj-hf73-6gf5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-f2q9-8842-vm8g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY ID

CGA-f5qr-9999-86h9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-ff8p-vfgp-36cm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-fr86-hr4c-qvg8

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-g6c8-5r48-v6hg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-jm34-5hmg-4xx4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-jpcr-3whf-m9hc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY ID

CGA-jww8-jxrp-m42q

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-pjc4-r353-rg95

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-q2r2-7hj8-6whg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-qvg8-h36r-f4rv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY ID

CGA-v244-5j7g-jw4g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-v6c5-q8jg-5686

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-whp3-jj96-vvc2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-wqhc-6326-7f2r

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-wqqg-fvhq-hcg7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

intheWild

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2020-7712⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY