DirectorySecurity Advisories
Sign In
Security Advisories

CGA-pjc4-r353-rg95

Published

Last updated

https://images.chainguard.dev/security/CGA-pjc4-r353-rg95
Package

gitlab-rails-ee-17.1

Latest Update
Not affected
Aliases
  • CVE-2020-7712
  • GHSA-3c6g-pvg8-gqw2

Severity

7.2

High

CVSS V3

Summary

trentm/json vulnerable to command injection

Description

This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images