Search
Find a vulnerability
Search criteria
2 vulnerabilities by gulp-styledocco_project
CVE-2020-7607 (GCVE-0-2020-7607)
Vulnerability from nvd – Published: 2020-03-15 21:40 – Updated: 2024-08-04 09:33
VLAI
Summary
gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument 'options' of the exports function in 'index.js' can be controlled by users without any sanitization.
Severity
No CVSS data available.
CWE
- Command Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | gulp-styledocco |
Affected:
All versions including 0.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:20.004Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gulp-styledocco",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions including 0.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument \u0027options\u0027 of the exports function in \u0027index.js\u0027 can be controlled by users without any sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T21:40:50.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2020-7607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gulp-styledocco",
"version": {
"version_data": [
{
"version_value": "All versions including 0.0.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument \u0027options\u0027 of the exports function in \u0027index.js\u0027 can be controlled by users without any sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7607",
"datePublished": "2020-03-15T21:40:50.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:20.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7607 (GCVE-0-2020-7607)
Vulnerability from cvelistv5 – Published: 2020-03-15 21:40 – Updated: 2024-08-04 09:33
VLAI
Summary
gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument 'options' of the exports function in 'index.js' can be controlled by users without any sanitization.
Severity
No CVSS data available.
CWE
- Command Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | gulp-styledocco |
Affected:
All versions including 0.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:20.004Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gulp-styledocco",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions including 0.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument \u0027options\u0027 of the exports function in \u0027index.js\u0027 can be controlled by users without any sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T21:40:50.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2020-7607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gulp-styledocco",
"version": {
"version_data": [
{
"version_value": "All versions including 0.0.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument \u0027options\u0027 of the exports function in \u0027index.js\u0027 can be controlled by users without any sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7607",
"datePublished": "2020-03-15T21:40:50.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:20.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}