CVE-2020-7795

Summary

The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js.

Affected Software

VendorProductVersion RangeStatus
n/aget-npm-package-versionunspecified < 1.0.7affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References