CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Geojson2kml Project: Security Vulnerabilities

CVE-2020-28429

All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU",function(){})

CVSS Score

7.3

EPSS Score

0.754

Published

2021-02-23

Page 1

Vulnerabilities

Vulnerable Software

Geojson2kml Project: Security Vulnerabilities

Products

Pricing

Contact Us