CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7615

fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.0%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

https://github.com/gregof/fsa/blob/master/lib/rep.js#L12
https://snyk.io/vuln/SNYK-JS-FSA-564118
https://github.com/gregof/fsa/blob/master/lib/rep.js#L12
https://snyk.io/vuln/SNYK-JS-FSA-564118

Products affected by CVE-2020-7615

Fsa Project » Fsa » Version: N/A

cpe:2.3:a:fsa_project:fsa:-
Fsa Project » Fsa » Version: 0.5.1

cpe:2.3:a:fsa_project:fsa:0.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7615

Products

Pricing

Contact Us