Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ini_project:ini:1.2.1:*:*:*:*:node.js:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-7788 |
This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. Published: December 11, 2020; 6:15:11 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |