Security Advisory

CVE-2020-7609

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-27 21:06:35

Last updated 2024-08-04 09:33:19

Assigner snyk

State PUBLISHED

Description

node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitization.

← Browse all CVEs View on cve.org ↗