CVE-2020-7738

Summary

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

Affected Software

VendorProductVersion RangeStatus
n/ashiba0 < unspecifiedaffected

Weaknesses

  • Arbitrary Code Execution

ADP Enrichment

CVE Program Container

Additional References

References