CVE-2020-28437

Summary

This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js.

Affected Software

VendorProductVersion RangeStatus
n/aheroku-env0 < unspecifiedaffected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References