CVE-2020-36650 Vulnerability Details

  /     /     /  

CVE-2020-36650 Metadata Quick Info

CVE Published: 11/01/2023 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: VulDB | Vendor: IonicaBizau | Product: node-gry
Status : PUBLISHED

CVE-2020-36650 Description

A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218019.

Metrics

CVSS Version: 3.1 | Base Score: 5.5 MEDIUM
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-77
CWE Name: CWE-77 Command Injection
Source: IonicaBizau

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).