mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 07:47:42 +02:00
0xMarcio
763 B
763 B
CVE-2020-7597
Description
codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596.
POC
Reference
Github
No PoCs found on GitHub currently.