Filtered by vendor Shiba Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-7738 | 1 Shiba Project | 1 Shiba | 2024-02-04 | 6.5 MEDIUM | 8.3 HIGH |
All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad(). | |||||
CVE-2017-1000491 | 1 Shiba Project | 1 Shiba | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration. |