mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 23:14:03 +02:00
0xMarcio
824 B
824 B
CVE-2020-7597
Description
codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596.