CVE-2020-8149

Summary

Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1.

Affected Software

VendorProductVersion RangeStatus
n/alogkittyFixed Version: 0.7.1affected

Weaknesses

  • CWE-94: Code Injection (CWE-94)

ADP Enrichment

CVE Program Container

Additional References

References