Security Advisory

CVE-2020-7738

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-02 10:05:13

Last updated 2024-09-17 02:11:06

Assigner snyk

State PUBLISHED

Description

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

← Browse all CVEs View on cve.org ↗