Search
Find a vulnerability
Search criteria
2 vulnerabilities found for closure-compiler-stream by closure-compiler-stream_project
CVE-2020-7603 (GCVE-0-2020-7603)
Vulnerability from nvd – Published: 2020-03-15 21:48 – Updated: 2024-08-04 09:33
VLAI
Summary
closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization.
Severity
No CVSS data available.
CWE
- Command Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREA… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | closure-compiler-stream |
Affected:
All versions including 0.1.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:20.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "closure-compiler-stream",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions including 0.1.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument \"options\" of the exports function in \"index.js\" can be controlled by users without any sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T21:48:52.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2020-7603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "closure-compiler-stream",
"version": {
"version_data": [
{
"version_value": "All versions including 0.1.15"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument \"options\" of the exports function in \"index.js\" can be controlled by users without any sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7603",
"datePublished": "2020-03-15T21:48:52.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:20.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7603 (GCVE-0-2020-7603)
Vulnerability from cvelistv5 – Published: 2020-03-15 21:48 – Updated: 2024-08-04 09:33
VLAI
Summary
closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization.
Severity
No CVSS data available.
CWE
- Command Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREA… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | closure-compiler-stream |
Affected:
All versions including 0.1.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:20.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "closure-compiler-stream",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions including 0.1.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument \"options\" of the exports function in \"index.js\" can be controlled by users without any sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T21:48:52.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2020-7603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "closure-compiler-stream",
"version": {
"version_data": [
{
"version_value": "All versions including 0.1.15"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument \"options\" of the exports function in \"index.js\" can be controlled by users without any sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-CLOSURECOMPILERSTREAM-560123"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7603",
"datePublished": "2020-03-15T21:48:52.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:20.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}