CVE-2020-7738 Vulnerability in npm package shiba

Description

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

Remediation

References

https://snyk.io/vuln/SNYK-JS-SHIBA-596466

Related Vulnerabilities

CVE-2022-43432 Vulnerability in maven package org.jenkins-ci.plugins:xframium

CVE-2021-21118 Vulnerability in maven package org.webjars.npm:electron

CVE-2022-36025 Vulnerability in maven package org.hyperledger.besu:evm

CVE-2023-35147 Vulnerability in maven package org.jenkins-ci.plugins:aws-codecommit-trigger

CVE-2020-2245 Vulnerability in maven package org.jenkins-ci.plugins:valgrind

Severity

Critical

Description

Remediation

References

Related Vulnerabilities

Severity

Tags

Take action and discover your vulnerabilities