CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-8125

Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://hackerone.com/reports/778414
https://hackerone.com/reports/778414

Products affected by CVE-2020-8125

Klona Project » Klona » Version: 1.0.0

cpe:2.3:a:klona_project:klona:1.0.0
Klona Project » Klona » Version: 1.1.0

cpe:2.3:a:klona_project:klona:1.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8125

Products

Pricing

Contact Us