CVE-2020-7674

Summary

access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the template function is executed by the eval function resulting in code execution.

Affected Software

VendorProductVersion RangeStatus
n/aaccess-policyAll versions including 3.1.0affected

Weaknesses

  • Arbitrary Code Execution

ADP Enrichment

CVE Program Container

Additional References

References